Release v1.1.6 · hashicorp/consul-dataplane

1.1.6 (November 1, 2023)

SECURITY:

Update Envoy version to 1.25.11 to address CVE-2023-44487 [GH-312]
Upgrade google.golang.org/grpc to 1.56.3.
This resolves vulnerability CVE-2023-44487. [GH-323]
Upgrade to use Go 1.20.10 and x/net 0.17.0.
This resolves CVE-2023-39325
/ CVE-2023-44487. [GH-299]
Upgrade to use Go 1.20.8. This resolves CVEs
CVE-2023-39320 (cmd/go),
CVE-2023-39318 (html/template),
CVE-2023-39319 (html/template),
CVE-2023-39321 (crypto/tls), and
CVE-2023-39322 (crypto/tls) [GH-261]