Skip to content

Releases: envoyproxy/envoy

v1.30.7

29 Oct 14:50
Compare
Choose a tag to compare

repo: Release v1.30.7

Summary of changes

  • Minor tracing bug fix
  • CI and release container updates

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.7
Docs:
https://www.envoyproxy.io/docs/envoy/v1.30.7/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.30.7/version_history/v1.30/v1.30.7
Full changelog:
v1.30.6...v1.30.7

Signed-off-by: Kateryna Nezdolii kateryna.nezdolii@gmail.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.29.10

29 Oct 12:13
Compare
Choose a tag to compare

repo: Release v1.29.10

Summary of changes

  • Minor tracing bug fix
  • CI and release container updates

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.10
Docs:
https://www.envoyproxy.io/docs/envoy/v1.29.10/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.29.10/version_history/v1.29/v1.29.10
Full changelog:
v1.29.9...v1.29.10

Signed-off-by: Ryan Northey ryan@synca.io
Signed-off-by: Kateryna Nezdolii kateryna.nezdolii@gmail.com

v1.32.0

15 Oct 16:33
86dc7ef
Compare
Choose a tag to compare

repo: Release v1.32.0 (#36597)

Summary of changes:

  • Envoy now logs warnings when internal_address_config is not set.  If
    you see this logged warning and wish to retain trusted status for
    internal addresses you must explicitly configure
    internal_address_config (which will turn off the warning) before the
    next Envoy release.
  • Removed support for (long deprecated) opentracing. 
  • Added a configuration setting for the maximum size of response headers
    in responses.
  • Added support for connection_pool_per_downstream_connection flag in
    tcp connection pool.
  • For the strict DNS and logical DNS cluster types, the dns_jitter
    field allows spreading out DNS refresh requests
  • Added dynamic metadata matcher support dynamic metadata input and
    dynamic metadata input matcher.
  • The xff original IP detection method now supports using a list of
    trusted CIDRs when parsing x-forwarded-for.
  • QUIC server and client support certificate compression, which can in
    some cases reduce the number of round trips required to setup a
    connection.
  • Added the ability to monitor CPU utilization in Linux based systems
    via cpu utilization monitor in overload manager.
  • Added new access log command operators (%START_TIME_LOCAL% and
    %EMIT_TIME_LOCAL%) formatters (%UPSTREAM_CLUSTER_RAW%
    %DOWNSTREAM_PEER_CHAIN_FINGERPRINTS_256%, and
    %DOWNSTREAM_PEER_CHAIN_SERIALS%) as well as significant boosts to json
    parsing.  See release notes for details
  • Added support for %BYTES_RECEIVED%, %BYTES_SENT%,
    %UPSTREAM_HEADER_BYTES_SENT%, %UPSTREAM_HEADER_BYTES_RECEIVED%,
    %UPSTREAM_WIRE_BYTES_SENT%, %UPSTREAM_WIRE_BYTES_RECEIVED% and
    access log substitution strings for UDP tunneling flows.
  • Added ECDS support for UDP session filters.

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.32.0
Docs:
https://www.envoyproxy.io/docs/envoy/v1.32.0/
Release notes:

https://www.envoyproxy.io/docs/envoy/v1.32.0/version_history/v1.32/v1.32.0
Full changelog:
v1.31.0...v1.32.0

Signed-off-by: Alyssa Wilk alyssar@chromium.org

v1.31.2

19 Sep 21:55
Compare
Choose a tag to compare

CVE-2024-45807: oghttp2 crash on OnBeginHeadersForStream
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2
Docs:
https://www.envoyproxy.io/docs/envoy/v1.31.2/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2
Full changelog:
v1.31.1...v1.31.2

Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.30.6

19 Sep 20:42
Compare
Choose a tag to compare

Summary of changes

CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.6
Docs:
https://www.envoyproxy.io/docs/envoy/v1.30.6/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.30.6/version_history/v1.30/v1.30.6
Full changelog:
v1.30.5...v1.30.6

Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.29.9

19 Sep 18:30
Compare
Choose a tag to compare

Summary of changes

CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.9
Docs:
https://www.envoyproxy.io/docs/envoy/v1.29.9/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.29.9/version_history/v1.29/v1.29.9
Full changelog:
v1.29.8...v1.29.9

Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.28.7

19 Sep 17:02
Compare
Choose a tag to compare

Summary of changes

CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy headers from external sources
CVE-2024-45810: Envoy crashes for LocalReply in http async client

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.7
Docs:
https://www.envoyproxy.io/docs/envoy/v1.28.7/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.28.7/version_history/v1.28/v1.28.7
Full changelog:
v1.28.6...v1.28.7

Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.31.1

14 Sep 17:42
Compare
Choose a tag to compare

repo: Release v1.31.1

Summary of changes:

  • Update curl lib to resolve CVE-2024-7264
  • Assorted fixes
  • Updated container images

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.1
Docs:
https://www.envoyproxy.io/docs/envoy/v1.31.1/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.31.1/version_history/v1.31/v1.31.1
Full changelog:
v1.31.0...v1.31.1

Signed-off-by: Raven Black ravenblack@dropbox.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.30.5

14 Sep 14:47
Compare
Choose a tag to compare

repo: Release v1.30.5

Summary of changes:

  • Update curl lib to resolve CVE-2024-7264
  • Assorted fixes
  • Updated container images

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.5
Docs:
https://www.envoyproxy.io/docs/envoy/v1.30.5/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.30.5/version_history/v1.30/v1.30.5
Full changelog:
v1.30.4...v1.30.5

Signed-off-by: Raven Black ravenblack@dropbox.com
Signed-off-by: Ryan Northey ryan@synca.io

v1.29.8

14 Sep 11:40
Compare
Choose a tag to compare

repo: Release v1.29.8

Summary of changes:

  • Update curl lib to resolve CVE-2024-7264
  • Assorted fixes
  • Updated container images

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.8
Docs:
https://www.envoyproxy.io/docs/envoy/v1.29.8/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.29.8/version_history/v1.29/v1.29.8
Full changelog:
v1.29.7...v1.29.8

Signed-off-by: Raven Black ravenblack@dropbox.com
Signed-off-by: Ryan Northey ryan@synca.io