Skip to content

Latest commit

 

History

History
1175 lines (1148 loc) · 110 KB

version_history.rst

File metadata and controls

1175 lines (1148 loc) · 110 KB

Version history

1.14.0 (Pending)

1.13.0 (January 20, 2020)

1.12.2 (December 10, 2019)

  • http: fixed CVE-2019-18801 by allocating sufficient memory for request headers.
  • http: fixed CVE-2019-18802 by implementing stricter validation of HTTP/1 headers.
  • http: trim LWS at the end of header keys, for correct HTTP/1.1 header parsing.
  • http: added strict authority checking. This can be reversed temporarily by setting the runtime feature envoy.reloadable_features.strict_authority_validation to false.
  • route config: fixed CVE-2019-18838 by checking for presence of host/path headers.

1.12.1 (November 8, 2019)

  • listener: fixed CVE-2019-18836 by clearing accept filters before connection creation.

1.12.0 (October 31, 2019)

1.11.2 (October 8, 2019)

1.11.1 (August 13, 2019)

1.11.0 (July 11, 2019)

1.10.0 (Apr 5, 2019)

1.9.1 (Apr 2, 2019)

1.9.0 (Dec 20, 2018)

1.8.0 (Oct 4, 2018)

1.7.0 (Jun 21, 2018)

1.6.0 (March 20, 2018)

1.5.0 (December 4, 2017)

1.4.0 (August 24, 2017)

1.3.0 (May 17, 2017)

1.2.0 (March 7, 2017)

1.1.0 (November 30, 2016)

1.0.0 (September 12, 2016)

Initial open source release.