From 9929075f4b75063003970772616ef954a81df880 Mon Sep 17 00:00:00 2001 From: Ryan Northey Date: Wed, 18 Dec 2024 17:08:52 +0000 Subject: [PATCH] repo: Release v1.32.3 - [CVE-2024-53269](https://github.com/envoyproxy/envoy/security/advisories/GHSA-mfqp-7mmj-rm53): Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting. - [CVE-2024-53270](https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3): HTTP/1: sending overload crashes when the request is reset beforehand - [CVE-2024-53271](https://github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4f): HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.32.3 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.32.3/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.32.3/version_history/v1.32/v1.32.3 **Full changelog**: https://github.com/envoyproxy/envoy/compare/v1.32.2...v1.32.3 Signed-off-by: Ryan Northey --- VERSION.txt | 2 +- changelogs/current.yaml | 16 +--------------- docs/inventories/v1.32/objects.inv | Bin 178614 -> 178695 bytes docs/versions.yaml | 2 +- 4 files changed, 3 insertions(+), 17 deletions(-) diff --git a/VERSION.txt b/VERSION.txt index 98773de2fad7a..00b225209fa4e 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -1.32.3-dev +1.32.3 diff --git a/changelogs/current.yaml b/changelogs/current.yaml index 981e449d60d30..4dec346231fa5 100644 --- a/changelogs/current.yaml +++ b/changelogs/current.yaml @@ -1,13 +1,6 @@ -date: Pending - -behavior_changes: -# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required* - -minor_behavior_changes: -# *Changes that may cause incompatibilities for some users, but should not for most* +date: December 18, 2024 bug_fixes: -# *Changes expected to improve the state of the world and are unlikely to have negative effects* - area: http/1 change: | Fixes sending overload crashes when HTTP/1 request is reset. @@ -18,10 +11,3 @@ bug_fixes: change: | Fix incorrect handling of non-101 1xx responses. This fix can be temporarily reverted by setting runtime guard ``envoy.reloadable_features.wait_for_first_byte_before_balsa_msg_done`` to false. - -removed_config_or_runtime: -# *Normally occurs at the end of the* :ref:`deprecation period ` - -new_features: - -deprecated: diff --git a/docs/inventories/v1.32/objects.inv b/docs/inventories/v1.32/objects.inv index e153081b64936cf62c1f0081284d9ba875d043a0..764eb2afedd97807f9480978223c39dfad9b8d55 100644 GIT binary patch delta 4425 zcmXYyc{tSF8^$9FMH-AEykf>aj5W(^3)z?OS_h4cT_#(F_nT!fLdiCU7%IkCvJ*lX zOEnYOvMpQwdC`qpLU8)=tITc&z9ZQK=$twz09q06!hg)O$?}u{>Q3 z3zSb!gQu*=SV07x`1ixG{qbhc14KNW1Vh|s>^Hk!Kd^|xXWf{*)Fb|b$j{&L%&JA@ zfR1qgt3}H^en+fEm9by^hC)(k0Kn|5t0#UHnZSZ4#bv@16E0uvDk2qlN6Uk{44;(v zc;O0T(=WzZ*T=;f#a)$;>miH=dSyRP$Q8cpnHlX8bT4mA?$en(_U5&iOb!IU;-}cp z5rv)Jfh_!q$=}%kgaKTQ1~CzR9dUWLe1h;K2b#cM0Z5rUM0+uIspm z`jM>SQ0Li`Myqbcg031QJb|m%Ct2xHIN|cB?o8H1!%J7Ay1$QT=&MT1z1YDC;625~ z+;h)s7(Gr7N`IbfHFS+&Kte=nZK7YkGbi+iF!N)~2uS?s& zYVk;juVddpA@R&Mu$@frm-370iWKSpGnRrTE~K=1m49N4=kOv+A0PXB)5l0BU$Q$HLG>p zpN;-DPc6Q(;M39Rxvj}KN9iDR8T&2kt)RjDwK{VyJquhis~BNF;=t|| zSuooQj4u-=IwEcpGT#jeYzzNQYT*j~~xi(NX`>~Jgh#(?ULABJjKFLD(f z6c^_6do}RAo%uik+pCUco=`JwV;)Ij zFG~tnfEyoRnx5inK#VsSuQ7ULlBF{_6~P2}QG+NAsEfs6+fB7+A@BhRlNqyDqJ$jw zwX84-Dp#X)(-e7Rocf(lI`Uf&hoh;V5yguYozZSfpg+aUfuemFNbp?KMcVnQ*| z<*@hVguSG--A$huQIc5UTv6F&Rwz)Ahwe9oT^+smn()uX#=s1uiL5U z&j1uIR@4(xj?)bA^L*st0EL@C$u^AEQG2GyDN_~_GqEccPd3GKDu8eoi6f%4;aEb| zsbu&P6h00mn=+xQ4LXb{ZLF!*QMq4{=12qcgdEn1^R^+N8lOa)FQrS*p`o?VJ}?R0Z{1ge{4p7GfK#+LNvP#o(@DdS*;M(O3ucRc0mJYqx{WJQZa@fWaJAXm*3_|6Sp zN_zmRxvxvnbAwjW(r~HP@@eGOQmpO9SoTZEzs5A)4BWvVw zDuIX>p*y0etyo-Dd(y3WF}QkhLdapRreDBgalLUP$`@9v3~gItPa5tmSD{Z7$*N8a zUM!}U%;XdMUK8t}DU6bqbGJV>qU^KYvS!Gs;EVn zfo(Vfv>vWIV%TmVMa~DvN%@@D!0m7nBZPJeL&R#E$*GE)DO<2E?P&b1y|2XNwkrz# z#vN7hbRfRg)%#YFIWqA-7iL#Qp(}q}Smsf-K=N6zTw$GI*$fA9h3gL56S{Ce({OYy zB$QEsL4ZL1md~lkLy+)dh7_H~5VB8EwJpTqFN;}#ke7Ly#6!(X!I7Y}2wi7L;1Jus z7<@&HX_(RexuzxZs$~Kn>mZ9lEXX=WmtybMMNmk`NpnX-85J313dtJSBF$;lx3^kYqMJY|eFf*#KI$L)p`P394#Tu!0GnLL}6loJKa`vkP1S*ap7(bL8aW-~#NJPJ! zBKcaPj3U~ivWX>j)IvBwG*HC(kufEn4ecJq zKUZjjjI&9|VVSs%QOm$7@GurLUeos=k)=tTN?gRtL^}x07DIS_ifT102_KNun`9Ye zC%HjTCOjn-vO_oOROk=+Y>`Jc38hRG?>b53WYQ&jdR3DFqLd6Ny<`u3uXZeOh0qX~ zKF7a&oqLQaWVS!;Ty9wl3aZhau|L&Ktj)lc^AtiEl^B#N$Oq*oASFW~s9+2+TbpV* zBn9u5(xWo_q`Y^d_ zw8^$6g`NeZy1?P({}A1)W|;my)|R3@J|Z%^zlN*D!`3$oNRp=h7eQDF=|P4dP%+}0;9r*7)3Bx9bq zWa8|=g_2Pu%UNmofVAEaqpdreBNAA3NVv>OVM*@?)qK|Nvwzq{D9Xg;ga7o`+s-<2 zQXQuXPoqRdHH21)Y0Pe?2ELYom&%Z-%mEzq0BpARZ-t`Y3jR3>)tR_baI_=?DG)0I z50@biG1|>JIw3Wk68KpsSa>Hv3KO~$_A_0Cy-eKtiGYqrBS4mJZ25#>XT2zx=b6)aawC`;#bf*A0xQV&5j2fE*qwWrEHANPM- z&S+1m`Vv#Oohcn2fdwSO^z)=9H!rRTY(9CEg^T4qVWch#mytbT)arsPbU8t!xC64@ z{twYW7LLOE2a$vOE~IE1(^H~t{^cHkWd(%qLZ2v1FqxV%oc}YRa{+EhKG)Rc#E3}e za22hu+Ysp1pQ$7%b-5x*t_fuTbG6IdDJb+9)03*55-24H7my<-GY2GvM`I--^(&+{ zH_zJojTz!vcr`Bk;8ipuUUK4<2rb zXd1?wq_zEXRqc$^?<&_A9{799k1?7m_1fT;G6lI|g`4jL$7;NqN3$FYnnqs_lFZ6m zO6=@CJZr)-q<|$U=ZczL|J|cKyAeIl^<`Mw7R_~5IF~9EvMX}ui05k6=m9!Q>-S-S z0G^s3yvub5IO67gN1<6XAC#y7amzZWbx*_*B}c1!h`nZa9R{pY+uj0QS~~qcI{l6UeEOzJ zbY3<3hbaRpN?vP&1iJ|i<(#%0zS=OKK0qp<3P;V~%c?E%7C_c?{r%_x|8YNd;}jyud^u(J>5Zw*9xq3U^Ly<`<^4K<8IB*8imq_- zT$eglGf|hKqH0`G66tkI^GY3;6F5Bc;xE*T&n&H9>8xpqJRk8f@rB{7eGd(kL zAdmj5sO;lheQ;Wi+3fY;y7Cm2{qfR*&YkwFamN_{jr2w9`~z`6x0J6x6T zHU-{eYo->AUKz`cT!}9xjDv78It}v+Yl2~(3hION8QG9TlOVgHecDpD^%wT~$`no% z?@;Qmi0Q-in2xd4u)3t|t1cjW-#fqPM^j1Nq5sG{Hha@21k?g&>AiH>_A6D7*`Fmg zUCYh-A?qF)Xkj2U#+1>$l_YGPk9otS**oW+J!_Ak`%65ZAZESrbP(m7v>Shydj?M6 z|NFwfnYPmHxl!$_)s_s@U+94F2hAk9|K~Fe$9TR+&$4YSY$tbiwbM#CM73TO-&f19 zi{E0`aR`fdzrXehKq~iDyV}ObWXn%$F^=8w5tn(AMUTP_C=dTH(X8Yg36WV=W&b2JQu!o2`+I0NoZbmHGHD54IJF6)w*C zi9woQ(ye=bz(zN%m zZFft_`eWQu(0=bnDZvhP*E(TDt?Hd|6+>EfA2}ZJ+|}jq-_5LDE^Zoozns8Xnd*P*|Z=PriD}S*8ien5vt~@ zncuK^6tv5p8)*Ei02t)(55l#sJua?!1QRkf;|)UJc6n3tI!`5Q)MD#rMQuFQZgpB1 z-2;m61+^`?GlIDq;Q@7X;pyr@hnpD~c2(V+xd!?pRq{u-@HUlBrUmQQ{=Fg#GanJ3 zlb-(oCRTM7P_RvOQQ_8y;s`(Ws{O8}u}3e2t;26kw?52Y{ornizswp?czGgPhF5mpZDYa$NQY~dOXiLuXp?gZ|yqoqLmDYhJGq^o4SZ#KKd_u} zGxzI^>^TpKA4iIiS89h=en>p!6AvH1{z2`_Vq9~cOYtXO;CG=C1&aN$s0lGrU~k}e3Qbnp?SYV}-cFn-^1Vob zP8wl;zS~m22c)55{7cbR7S{@r_glTUsc|LZg{a5T<5tVVDgp5od}3U(%DMR9z=f6_ zTypra&F74tS)u$x_Kc>04n}2Fzn9$Dqg#zt_B2C*BmD)>5u%B3p+S#$nwT3A-`1;} zFDWLL?kw{5Ok^()-}S3wH(eqNmNW0SaPV6_T|N>QP*lVx2J5B?cH4}`|H^Qme(B5lLHPu; z^Vl`%WX&%`$7!w~h6Npl<&Hl~?QXzyKhYTD+o^=_{!Yjz3iQ|2H3bYeDB(ZzmL0yk zQE+^5aYI`H8G{%zoowK9JE&ofuKfj>QTlD?^VFZ5=RnXn;R+GWoM-;X?TOV3;Y zAoE^hT{^k6&9h}j`Py^<~NMbJ`6i|~=$ZD1`J5x;1P`Sbs z213&oDrh9`T>viIoVaxsoF;`pLv@9{O&~O*n9A$TgwGUXl)o%4vcrYDY+R;|70)b= z2ifx2$BuzWo*=1;6ZK(Hr&Gux0swJ#Z(Y~3aO_#284w?>Aw=pBlyZk%!1R_Hqn>f= zDYIw0j|=FJD)Jb?Hs1y?FuAirjQ>Cob>=`+`thaGyOTBV4LcLJrRif1M6^KpVlbpPVZ>o=T=$7VoUJfmDOusK$nQ zC2rU_eG_png+4LDg&8Hh;C$sc6$z1vhzQ#B!u0D5YWJ`)KV7*g3=YwCJ+Po2!XA3-6W}TYt_lGT0qlx;jB&4w69~Z4 zw+gAujTDfw0GVeg146qeRMiN)7~{|&&Fg;^oQ5DGtf6ROLK1{ViYd8HB@CW6K}qmf zChMw_EmO%zFir-b93`2?oJj?#3095(77z6lb8iZ#NUe@aw%*f7C0_(b!`MrmGa+yi zBt{i5q)=%J9zY@{_1Vsq_@$EZ;6fTewUs|z1ttwGK9|hTHa-lxhfF2^vIOo-v=c%7 zkxyg4pCR2jBlQAYNr*a=N)`nJyx3oyl$9nmoRz8+Xy(c=23H#)2KA{jWSdm71sF#I zD03R5G5OO#DuPtel03*`?eR zL>~*lx*(BLN=SZKc^TbMF@yOlUBu4bfip>-Bq}ded7@s-`WiUE4uO`|Jt|uVaj%J? zlGx02$D#0#P@owno|o?eDeJtHw~TW&ClW=(DWSM?_$DPXZ-T2`5v+`62gP1@@VXmf zvWCsE=&Tv8$24W(#`&w(TW5}(ZGpJIjiDm%!R#KHu#!mrPiwHlRCroFOmI3;{so#O z;~y@=H3YURax}vs%o5~XRDDMww9hg1hLd8fHzp|hziFIQGslUUCs24g~(0 znP~o7+qw|&a4^odsF6VsJR-Vrc%m)o~+gCSpAW>|* zQG)C_RChEEi9TEi;-FAqEI2I&(Tlq0UZRywRud|m1E?BB7Bckq z#1&fpmB4khm^oMk8stXb*EAt@7)ue(q6K@ckSGgYq8^4lyKuq^_s%LIn`e+;H4BU( zBL?lMbL6pf^59`z;2iJkT<|~+qPK?4;r;;zS864&(22Z?-g1_jxd4?pA6tT?!UhRQ zln1Y6jqWG%w{-HP5KipSSk~p>vvPlp1wcoWOwdwzm@bC(5Q$3S^;eFfd~LMG6%wrz zD10o5OC?~;vwz)>GRNX}FaisF=)(%1Wu^?EGWxN9Th2;HqEdMMYnngRU(O(_2>-Q* zTND^P8OAgN`T};aBog*tg~56xs)pB6IV#)bmrhI7Ighr&kSw zKZX58NBmlW#ie2s$~Y^ymdlv0%l=W?u_KY}{!!}cMWVWS;h3nb=pGx~D;w@?o?dTK zYX-Sd`0O`;hSO9Kl;$kl(HNtuAN-O1zON0=$|j)9i<2`GzJAU?PBADD@SET5$tg0cHG%~ zy%OoI;A$qKH-pVVv9BGx-iDZ|(RDm8@Sz`nFQYk+L+xJB$B-_H3(3UZAn&FBQGs#H z^5gLg@{n*LEUFa!MIPQKum1^vb>*_dE!ZY_0%`2ImCT!!AQb^B51vSZ(&A(PE`DaH zD~ZQd>bA_|YN*UL9PhP+9KIQekWTPGbE3TyP<)DhZcIQ&0S;FHVgc5Q@HQ}}6>(GX z@h@<^0{o7Gz8YX;(&ictV3)Ee?|jvMYgH8=2c^Zt)*~ljEMe0k7WQ3O*f86mRy)AN z$@BGVr2fYNu`@*a4?H|vKADc?`Oag@VY~$e7P>s`qrlj;0tjsL+C9LCQk86L_Pp#l zx!y`-5f}>yvl?XUjojmSZsi$BIn3fKc7`r)+j|FDv@GOY>PdU2P_jY2W#S3i?9IVu zw-yZYVpGhY+L#f9QE!^nHM8E7+sB$ZO>XCO{rGU4INa2%qLJlPw;goh55Q>r=G}q0 zOKW+|<~f_Ta=O0!|6ON@ znBDb5%_4MHArwTsNW82vKiNw?d8J_gTx!=Y9bBOt(gO0tj)dz7ZJ$+n}c4}Ef$vj5#DQbA7f80~_ZNZ#i zQkzB!Rs46y((u=YRD8}KPC7BC>*c$3;=5k;pWJ~>YFSS4=O6_~W;}+xxgMd{AnN5u zw9e?z+yi`Lte(9ksn4@-cc@Sx(&?IfJvn+UFHSTo_E;}mQ6J$viZNijq>OoP`&JZ! zC$re=?~{>lf&;W8B(}6c^q-)988%Bi#6jt%{WO&RfptZIo~3 zV*2Q^IGG%iX$~j$Clrz#8E$>~;};!2cds-m$!iW9I4CJ5)2x!uQ(72A4vz_rJ<3>X0$G*SXRVZQFs=`Rl7-^cDrR0M`pmIcbLh);YE zRnP2PjLbrm(2qYfa;)6cRuY@aD{r1sSMIat5nKDtz!@jz7C5p1{Uyf(f6 zX8BQf$@NnU1oy~yee8I3uX?s{ruI-EtQ1GgYiW9L^euNTQvkB_;ZZ94&@ z^0vFFwhiZXNTPaLKlPf8tn{-zke= zzSqhs`<4>E=UaV5BmXRPpVrZL7^pV>a%!t}<(_b}tHaULA3i*MXIVWPo@4CQQ@;6M zFn!R2f4eZMZl#-~9yX>#6s}?j8ZJ&t%q(BV=h8Dp-tq;Ln~pOm4h_i%OLk5Fh0CwO z7@4LI+7Ob9k?UNqZLoK4Xh)~RUl*zP>81xbj8wzpzE+L*4L2$u&0e;5>U)lO+@J*> z6(l;0o;M!dx^F@u)@>r_bZ>&jR_A;FTi{o4Sz!usX|-Yd+pHw<(QNL^?8j=Od3EEQ zsgdVufBKKjXWBM7?YsTakA0)N5I? zg&kfi#u=IoZTV>vBfRSjD2+}t&}X>t1DGyLWp8$KC|HwWI5z)lct`vScA#e2WvB6SUXM0C zqEgjisXJvn+#_7a&#yY4wdnKx8096aF>;CweV7luJJ706RFGM7-6O<%rC$#J^D86v zmj*6#x^DVpctU31++B|(QqQy7135-LeVL5HQ(<2lMq+9|+LyNI8+7MdY=3^i+!S9V z_@?flx|1WTIdsM|;!7$o|NLS)qBI}kv9W_s+U=asdgGam5(?4qaf;xss;^Koxq(zp z9KGx^c3FCB69@b}aesxf)0E8e5VfI)x5STHHYjA*eXrH@*;xtPiE|BoFLFuLRcAW> zZh?5-f3bI6g7$;%J0EiT{qwla*z9UD2dBmA)++s43T2@_UrbiXapqDqMM!(c_Vhl{ J4gMtj{{Z-i9^C){ diff --git a/docs/versions.yaml b/docs/versions.yaml index 327c6a0fd7549..c812cce1053ac 100644 --- a/docs/versions.yaml +++ b/docs/versions.yaml @@ -25,4 +25,4 @@ "1.29": 1.29.11 "1.30": 1.30.8 "1.31": 1.31.4 -"1.32": 1.32.1 +"1.32": 1.32.2