Tags · DigiCore-Services/envoy

v1.31.0

repo: Release v1.31.0

**Summary of changes**:

* Added new `access_log` command operators to retrieve upstream connection information.
* Enhanced ext_authz to be configured to ignore dynamic metadata in ext_authz responses.
* Ext_authz: added a block list for headers that should never be send to the external auth service.
* Ext_authz: added the ability to configure what decoder header mutations are allowed from the ext_authz with the option to fail if disallowed mutations are requested.
* Ext_proc support for observability mode which is "Send and Go" mode that can be used by external processor to observe Envoy data and status.
* Added support for flow control in Envoy gRPC side stream.
* TCP Healthchecks can now leverage ProxyProtocol.
* Hot restart: Added new command-line flag to skip hot restart stats transfer.
* HTTP: Added the ability when request mirroring to disable appending of the `-shadow` suffix to the shadowed `host`/`authority` header.
* HTTP: Added the ability to set the downstream request `:scheme` to match the upstream transport protocol.
* HTTP: Envoy now supports proxying `104` headers from upstream.
* Added the ability to bypass the overload manager for a listener.
* Added support for local cluster rate limit shared across all Envoy instances in the local cluster.
* Added Filter State Input for matching HTTP input based on filter state objects.
* Oauth: Added an option to disable setting the ID Token cookie.
* OpenTelemetry enhancements to support extension formatter and stats prefix configuration for the OpenTelemetry logger.
* QUIC stream reset errors are now captured in transport failure reason. Added support for QUIC server preferred address when there is a DNAT between the client and Envoy.
* Added support for Redis inline commands, Bloom 1.0.0 commands, among other commands.
* Added a new retry policy: `reset-before-request`.
* Added support for dynamic direct response for files.
* Added TLS support to match against `OtherName` SAN-type under `match_typed_subject_alt_names`.
* Upstream: Added a new field to `LocalityLbEndpoints`, `LocalityLbEndpoints.Metadata`, that may be used for transport socket matching groups of endpoints.
* Update WASM filter to support use as an upstream filter.
* Disabled OpenCensus by default as it is no longer maintained upstream.
* Ext_proc support for `route_cache_action` which specifies the route action to be taken when an external processor response is received in response to request headers.
* Golang: Move `Continue`, `SendLocalReply` and `RecoverPanic` to `DecoderFilterCallbacks` and `EncoderFilterCallbacks`, to support full-duplex processing.
* Http2 uses Oghttp2 by default.
* Added a "happy eyeballs" feature to HTTP/3 upstream, where it assuming happy eyeballs sorting results in alternating address families will attempt the first v4 and v6 address before giving up on HTTP/3.
* Populate typed metadata by default in ProxyProtocol listener.
* Datadog: Disabled remote configuration by default.
* Reject invalid runtime YAML instead of supporting corner cases of bad YAML.

**Docker images**:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.0
**Docs**:
https://www.envoyproxy.io/docs/envoy/v1.31.0/
**Release notes**:
https://www.envoyproxy.io/docs/envoy/v1.31.0/version_history/v1.31/v1.31.0
**Full changelog**:
envoyproxy/envoy@v1.30.0...v1.31.0

Jul 19, 2024
7b8baff
zip
tar.gz

v1.30.4

repo: Release v1.30.4

**Summary of changes**:

- [CVE-2024-39305](GHSA-fp35-g349-h66f) Fix a bug where additional cookie attributes are not sent properly to clients.

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.4
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.30.4/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.30.4/version_history/v1.30/v1.30.4
**Full changelog**:
    envoyproxy/envoy@v1.30.3...v1.30.4

Signed-off-by: Ryan Northey <ryan@synca.io>

Jul 1, 2024
3211331
zip
tar.gz

v1.29.7

repo: Release v1.29.7

**Summary of changes**:

- [CVE-2024-39305](GHSA-fp35-g349-h66f) Fix a bug where additional cookie attributes are not sent properly to clients.

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.7
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.29.7/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.29.7/version_history/v1.29/v1.29.7
**Full changelog**:
    envoyproxy/envoy@v1.29.6...v1.29.7

Signed-off-by: Ryan Northey <ryan@synca.io>

Jun 30, 2024
7ec45b6
zip
tar.gz

v1.28.5

repo: Release v1.28.5

**Summary of changes**:

- [CVE-2024-39305](GHSA-fp35-g349-h66f) Fix a bug where additional cookie attributes are not sent properly to clients.

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.5
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.28.5/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.28.5/version_history/v1.28/v1.28.5
**Full changelog**:
    envoyproxy/envoy@v1.28.4...v1.28.5

Signed-off-by: Ryan Northey <ryan@synca.io>

Jun 30, 2024
1d7aa73
zip
tar.gz

v1.27.7

repo: Release v1.27.7

*Docker images*:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.27.7
*Docs*:
    https://www.envoyproxy.io/docs/envoy/v1.27.7/
*Release notes*:
    https://www.envoyproxy.io/docs/envoy/v1.27.7/version_history/v1.27/v1.27.7
*Full changelog*:
    envoyproxy/envoy@v1.27.6...v1.27.7

Signed-off-by: Ryan Northey <ryan@synca.io>

Jun 29, 2024
66d96c5
zip
tar.gz

v1.30.3

repo: Release v1.30.3

**Summary of changes**:

- Bumped the version of datadog to resolve a crashing bug in earlier versions of the library.

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.3
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.30.3/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.30.3/version_history/v1.30/v1.30.3
**Full changelog**:
    envoyproxy/envoy@v1.30.2...v1.30.3

Signed-off-by: Ryan Northey <ryan@synca.io>

Jun 26, 2024
12a6a79
zip
tar.gz

v1.29.6

repo: Release v1.29.6

**Summary of changes**:

- Bumped the version of datadog to resolve a crashing bug in earlier versions of the library.

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.6
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.29.6/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.29.6/version_history/v1.29/v1.29.6
**Full changelog**:
    envoyproxy/envoy@v1.29.5...v1.29.6

Signed-off-by: Ryan Northey <ryan@synca.io>

Jun 26, 2024
aabd346
zip
tar.gz

v1.30.2

repo: Release v1.30.2

**Summary of changes:**

- [CVE-2024-34362: Crash (use-after-free) in EnvoyQuicServerStream](GHSA-hww5-43gv-35jv)
- [CVE-2024-34363: Crash due to uncaught nlohmann JSON exception](GHSA-g979-ph9j-5gg4)
- [CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response, and other components](GHSA-xcj3-h7vf-fw26)
- [CVE-2024-32974: Crash in EnvoyQuicServerStream::OnInitialHeadersComplete()](GHSA-mgxp-7hhp-8299)
- [CVE-2024-32975: Crash in QuicheDataReader::PeekVarInt62Length()](GHSA-g9mq-6v96-cpqc)
- [CVE-2024-32976: Endless loop while decompressing Brotli data with extra input](GHSA-7wp5-c2vq-4f8m)
- [CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode](GHSA-vcf8-7238-v74c)

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.2
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.30.2/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.30.2/version_history/v1.30/v1.30.2
**Full changelog**:
    envoyproxy/envoy@v1.30.1...v1.30.2

Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>
Signed-off-by: Ryan Northey <ryan@synca.io>

Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>

Jun 5, 2024
d79f6e8
zip
tar.gz

Previous Next

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

v1.29.8

v1.28.6