Tags: evacchi/envoy
Tags
repo: Release v1.30.2 **Summary of changes:** - [CVE-2024-34362: Crash (use-after-free) in EnvoyQuicServerStream](GHSA-hww5-43gv-35jv) - [CVE-2024-34363: Crash due to uncaught nlohmann JSON exception](GHSA-g979-ph9j-5gg4) - [CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response, and other components](GHSA-xcj3-h7vf-fw26) - [CVE-2024-32974: Crash in EnvoyQuicServerStream::OnInitialHeadersComplete()](GHSA-mgxp-7hhp-8299) - [CVE-2024-32975: Crash in QuicheDataReader::PeekVarInt62Length()](GHSA-g9mq-6v96-cpqc) - [CVE-2024-32976: Endless loop while decompressing Brotli data with extra input](GHSA-7wp5-c2vq-4f8m) - [CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode](GHSA-vcf8-7238-v74c) **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.2 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.30.2/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.30.2/version_history/v1.30/v1.30.2 **Full changelog**: envoyproxy/envoy@v1.30.1...v1.30.2 Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <[email protected]> Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>
repo: Release v1.29.5 **Summary of changes:** - [CVE-2024-34362: Crash (use-after-free) in EnvoyQuicServerStream](GHSA-hww5-43gv-35jv) - [CVE-2024-34363: Crash due to uncaught nlohmann JSON exception](GHSA-g979-ph9j-5gg4) - [CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response, and other components](GHSA-xcj3-h7vf-fw26) - [CVE-2024-32974: Crash in EnvoyQuicServerStream::OnInitialHeadersComplete()](GHSA-mgxp-7hhp-8299) - [CVE-2024-32975: Crash in QuicheDataReader::PeekVarInt62Length()](GHSA-g9mq-6v96-cpqc) - [CVE-2024-32976: Endless loop while decompressing Brotli data with extra input](GHSA-7wp5-c2vq-4f8m) - [CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode](GHSA-vcf8-7238-v74c) **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.5 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.29.5/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.29.5/version_history/v1.29/v1.29.5 **Full changelog**: envoyproxy/envoy@v1.29.4...v1.29.5 Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <[email protected]>
repo: Release v1.28.4 **Summary of changes:** - [CVE-2024-34362: Crash (use-after-free) in EnvoyQuicServerStream](GHSA-hww5-43gv-35jv) - [CVE-2024-34363: Crash due to uncaught nlohmann JSON exception](GHSA-g979-ph9j-5gg4) - [CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response, and other components](GHSA-xcj3-h7vf-fw26) - [CVE-2024-32974: Crash in EnvoyQuicServerStream::OnInitialHeadersComplete()](GHSA-mgxp-7hhp-8299) - [CVE-2024-32975: Crash in QuicheDataReader::PeekVarInt62Length()](GHSA-g9mq-6v96-cpqc) - [CVE-2024-32976: Endless loop while decompressing Brotli data with extra input](GHSA-7wp5-c2vq-4f8m) - [CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode](GHSA-vcf8-7238-v74c) **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.4 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.28.4/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.28.4/version_history/v1.28/v1.28.4 **Full changelog**: envoyproxy/envoy@v1.28.3...v1.28.4 Signed-off-by: Ryan Northey <[email protected]>
repo: Release v1.27.6 **Summary of changes:** - [CVE-2024-34362: Crash (use-after-free) in EnvoyQuicServerStream](GHSA-hww5-43gv-35jv) - [CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response, and other components](GHSA-xcj3-h7vf-fw26) - [CVE-2024-32974: Crash in EnvoyQuicServerStream::OnInitialHeadersComplete()](GHSA-mgxp-7hhp-8299) - [CVE-2024-32975: Crash in QuicheDataReader::PeekVarInt62Length()](GHSA-g9mq-6v96-cpqc) - [CVE-2024-32976: Endless loop while decompressing Brotli data with extra input](GHSA-7wp5-c2vq-4f8m) - [CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode](GHSA-vcf8-7238-v74c) **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.27.6 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.27.6/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.27.6/version_history/v1.27/v1.27.6 **Full changelog**: envoyproxy/envoy@v1.27.5...v1.27.6 Signed-off-by: Ryan Northey <[email protected]>
repo: Release v1.30.1 **Summary of changes**: * Fix for potential TLS/SNI (`auto_sni`) crash [CVE-2024-32475](GHSA-3mh5-6q8v-25wj). **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.1 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.30.1/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.30.1/version_history/v1.30/v1.30.1 **Full changelog**: envoyproxy/envoy@v1.30.0...v1.30.1
repo: Release v1.29.4 **Summary of changes**: * Fix for potential TLS/SNI (`auto_sni`) crash [CVE-2024-32475](GHSA-3mh5-6q8v-25wj). * Fix for `config_dump` in admin UI. **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.4 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.29.4/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.29.4/version_history/v1.29/v1.29.4 **Full changelog**: envoyproxy/envoy@v1.29.3...v1.29.4 Signed-off-by: Ryan Northey <[email protected]>
repo: Release v1.28.3 **Summary of changes**: * Fix for potential TLS/SNI (`auto_sni`) crash [CVE pending](GHSA-3mh5-6q8v-25wj). **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.3 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.28.3/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.28.3/version_history/v1.28/v1.28.3 **Full changelog**: envoyproxy/envoy@v1.28.2...v1.28.3 Signed-off-by: Ryan Northey <[email protected]>
repo: Release v1.27.5 **Summary of changes**: * Fix for potential TLS/SNI (`auto_sni`) crash [CVE pending](GHSA-3mh5-6q8v-25wj). **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.27.5 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.27.5/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.27.5/version_history/v1.27/v1.27.5 **Full changelog**: envoyproxy/envoy@v1.27.4...v1.27.5 Signed-off-by: Ryan Northey <[email protected]>
repo: Release v1.30.0 (envoyproxy#33573) **Summary of changes**: * Removed the Swift/C++ interop layer in Envoy Mobile. * Add retry policy to ext_proc. * Added HTTP downstream remote reset response flag. * Added support for the Fluentd access logger. * Introduced `MemoryAllocatorManager` to configure heap memory release rate. * Envoy Mobile added `CONNECT` Proxy support for iOS. * Redis: support echo command. * Envoy Mobile setting QUIC newtork idle timeout to 30 seconds. * Sending server preferred address to non-QUICHE clients. * Avoid concatenation of JWT duplicated headers. * HTTP: Keep `Transfer-Encoding` header for `trailers`. * Envoy Mobile setting the socket receive buffer to 1MB for QUIC. * Added `FULL_SCAN` support to least-request load-balancing algorithm. * aws_lambda and ext_proc filters can be used as an upstream filter. * Hosts marked as draining in and EDS update are now excluded. * Envoy Mobile supports log-levels. * Added support for URI tempate matching for RBAC. * Fixed load balancing initialization bug. * Supporting `%UPSTREAM_CONNECTION_ID%` in access logs. * Added request and response attributes support to ext_proc. * Added support sending dynamic metadata to ext_proc. * Re-enable the nghttp2 codec for HTTP/2 connections by default. **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.0 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.30.0/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.30.0/version_history/v1.30/v1.30.0 **Full changelog**: envoyproxy/envoy@v1.29.0...v1.30.0 Co-authored-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>
repo: Release v1.29.3 **Summary of changes**: - Patch nghttp2 to resolve [CVE-2024-30255](GHSA-j654-3ccm-vfmm) - Assorted fixes **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.3 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.29.3/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.29.3/version_history/v1.29/v1.29.3 **Full changelog**: envoyproxy/envoy@v1.29.2...v1.29.3 Signed-off-by: Ryan Northey <[email protected]> Signed-off-by: Yan Avlasov <[email protected]> Signed-off-by: Ryan Northey <[email protected]>
PreviousNext