Skip to content

Latest commit

 

History

History
1087 lines (1061 loc) · 99.8 KB

version_history.rst

File metadata and controls

1087 lines (1061 loc) · 99.8 KB

Version history

1.13.0 (pending)

1.12.2 (December 10, 2019)

  • http: fixed CVE-2019-18801 by allocating sufficient memory for request headers.
  • http: fixed CVE-2019-18802 by implementing stricter validation of HTTP/1 headers.
  • http: trim LWS at the end of header keys, for correct HTTP/1.1 header parsing.
  • http: added strict authority checking. This can be reversed temporarily by setting the runtime feature envoy.reloadable_features.strict_authority_validation to false.
  • route config: fixed CVE-2019-18838 by checking for presence of host/path headers.

1.12.1 (November 8, 2019)

  • listener: fixed CVE-2019-18836 by clearing accept filters before connection creation.

1.12.0 (October 31, 2019)

1.11.2 (October 8, 2019)

1.11.1 (August 13, 2019)

1.11.0 (July 11, 2019)

1.10.0 (Apr 5, 2019)

1.9.1 (Apr 2, 2019)

1.9.0 (Dec 20, 2018)

1.8.0 (Oct 4, 2018)

1.7.0 (Jun 21, 2018)

1.6.0 (March 20, 2018)

1.5.0 (December 4, 2017)

1.4.0 (August 24, 2017)

1.3.0 (May 17, 2017)

1.2.0 (March 7, 2017)

1.1.0 (November 30, 2016)

1.0.0 (September 12, 2016)

Initial open source release.