Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/1.26] repo: Release v1.26.7 #32220

Merged
merged 6 commits into from
Feb 9, 2024
Merged

[release/1.26] repo: Release v1.26.7 #32220

merged 6 commits into from
Feb 9, 2024

Commits on Feb 9, 2024

  1. Fix crash from AWS NLB healthchecks when proxy protocol is enabled 

    Fix: [CVE-2024-23327](GHSA-4h5x-x9vh-m29j)

Signed-off-by: Jacob Neil Taylor <me@jacobtaylor.id.au>
Signed-off-by: Greg Greenway <ggreenway@apple.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
    @jacobneiltaylor @phlax
    jacobneiltaylor authored and phlax committed Feb 9, 2024
    Configuration menu
    Copy the full SHA
    d3e6360 View commit details
    Browse the repository at this point in the history

  2. Fix crash when idle and per try timeouts occurs within backoff interval 

    Fix [CVE-2024-23322](GHSA-6p83-mfmh-qv38)

Signed-off-by: yavlasov <yavlasov@google.com>
Signed-off-by: Ryan Northey <ryan@synca.io>

Signed-off-by: yanavlasov <yavlasov@google.com>
    @yanavlasov @phlax
    yanavlasov authored and phlax committed Feb 9, 2024
    Configuration menu
    Copy the full SHA
    02c1503 View commit details
    Browse the repository at this point in the history

  3. Cache RE object in uri template matcher. 

    Fix [CVE-2024-23323](GHSA-x278-4w4x-r7ch)

Signed-off-by: yavlasov <yavlasov@google.com>
Signed-off-by: Ryan Northey <ryan@synca.io>

Signed-off-by: yanavlasov <yavlasov@google.com>
    @yanavlasov @phlax
    yanavlasov authored and phlax committed Feb 9, 2024
    Configuration menu
    Copy the full SHA
    dccbaab View commit details
    Browse the repository at this point in the history

  4. Fix crashes when proxyproto receives address type not supported by th… 

    …e OS

Fix [CVE-2024-23325](GHSA-5m7c-mrwr-pm26)

Signed-off-by: Greg Greenway <ggreenway@apple.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
    @ggreenway @phlax
    ggreenway authored and phlax committed Feb 9, 2024
    Configuration menu
    Copy the full SHA
    52a5364 View commit details
    Browse the repository at this point in the history

  5. Proxy protocol: sanitise non utf8 chars in TLVs 

    Fix [CVE-2024-23324](GHSA-gq3v-vvhj-96j6)

Signed-off-by: Kateryna Nezdolii <nezdolik@spotify.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
    @phlax
    Kateryna Nezdolii authored and phlax committed Feb 9, 2024
    Configuration menu
    Copy the full SHA
    c815cbd View commit details
    Browse the repository at this point in the history

  6. repo: Release v1.26.7 

    Summary of changes:

- Fix [CVE-2024-23324](GHSA-gq3v-vvhj-96j6)
- Fix [CVE-2024-23325](GHSA-5m7c-mrwr-pm26)
- Fix [CVE-2024-23322](GHSA-6p83-mfmh-qv38)
- Fix [CVE-2024-23323](GHSA-x278-4w4x-r7ch)
- Fix [CVE-2024-23327](GHSA-4h5x-x9vh-m29j)

*Docker images*:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.26.7
*Docs*:
    https://www.envoyproxy.io/docs/envoy/v1.26.7/
*Release notes*:
    https://www.envoyproxy.io/docs/envoy/v1.26.7/version_history/v1.26/v1.26.7
*Full changelog*:
    envoyproxy/envoy@v1.26.6...v1.26.7

Signed-off-by: Ryan Northey <ryan@synca.io>
    @phlax
    phlax committed Feb 9, 2024
    Configuration menu
    Copy the full SHA
    0d48236 View commit details
    Browse the repository at this point in the history