-
Notifications
You must be signed in to change notification settings - Fork 4.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- [CVE-2024-53269](GHSA-mfqp-7mmj-rm53): Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting. - [CVE-2024-53270](GHSA-q9qv-8j52-77p3): HTTP/1: sending overload crashes when the request is reset beforehand - [CVE-2024-53271](GHSA-rmm5-h2wv-mg4f): HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.32.3 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.32.3/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.32.3/version_history/v1.32/v1.32.3 **Full changelog**: v1.32.2...v1.32.3 Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: Boteng Yao <boteng@google.com>
- Loading branch information
Showing
10 changed files
with
34 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
1.32.3-dev | ||
1.32.3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
date: December 18, 2024 | ||
|
||
bug_fixes: | ||
- area: http/1 | ||
change: | | ||
Fixes sending overload crashes when HTTP/1 request is reset. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
date: December 18, 2024 | ||
|
||
bug_fixes: | ||
- area: http/1 | ||
change: | | ||
Fixes sending overload crashes when HTTP/1 request is reset. | ||
- area: happy_eyeballs | ||
change: | | ||
Validate that ``additional_address`` are IP addresses instead of crashing when sorting. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
date: December 18, 2024 | ||
|
||
bug_fixes: | ||
- area: http/1 | ||
change: | | ||
Fixes sending overload crashes when HTTP/1 request is reset. | ||
- area: happy_eyeballs | ||
change: | | ||
Validate that ``additional_address`` are IP addresses instead of crashing when sorting. | ||
- area: balsa | ||
change: | | ||
Fix incorrect handling of non-101 1xx responses. This fix can be temporarily reverted by setting runtime guard | ||
``envoy.reloadable_features.wait_for_first_byte_before_balsa_msg_done`` to false. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters