repo: Release v1.25.10

Summary of changes:

- Resolve CVE-2023-44487 (GHSA-jhv4-f7mr-xx76)
- Update Docker images to resolve glibc vulnerabilites

**Full Changelog**: v1.25.9...v1.25.10

Docker images: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.25.10
Docs: https://www.envoyproxy.io/docs/envoy/v1.25.10/
Release notes: https://www.envoyproxy.io/docs/envoy/v1.25.10/version_history/v1.25/v1.25.10

Signed-off-by: Ryan Northey <[email protected]>

VERSION.txt

@@ -1 +1 @@
-1.25.10-dev
+1.25.10

changelogs/1.24.11.yaml

@@ -0,0 +1,19 @@
+date: October 10, 2023
+
+behavior_changes:
+- area: http
+  change: |
+    Close HTTP/2 and HTTP/3 connections that prematurely reset streams. The runtime key
+    ``overload.premature_reset_min_stream_lifetime_seconds`` determines the interval where received stream
+    reset is considered premature (with 1 second default). The runtime key ``overload.premature_reset_total_stream_count``,
+    with the default value of 500, determines the number of requests received from a connection before the check for premature
+    resets is applied. The connection is disconnected if more than 50% of resets are premature.
+    Setting the runtime key ``envoy.restart_features.send_goaway_for_premature_rst_streams`` to ``false`` completely disables
+    this check.
+- area: http
+  change: |
+    Add runtime flag ``http.max_requests_per_io_cycle`` for setting the limit on the number of HTTP requests processed
+    from a single connection in a single I/O cycle. Requests over this limit are processed in subsequent I/O cycles. This
+    mitigates CPU starvation by connections that simultaneously send high number of requests by allowing requests from other
+    connections to make progress. This runtime value can be set to 1 in the presence of abusive HTTP/2 or HTTP/3 connections.
+    By default this limit is disabled.

changelogs/current.yaml

@@ -1,7 +1,6 @@
-date: Pending
+date: October 10, 2023
 
 behavior_changes:
-# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required*
 - area: http
   change: |
     Close HTTP/2 and HTTP/3 connections that prematurely reset streams. The runtime key
@@ -18,19 +17,18 @@ behavior_changes:
     mitigates CPU starvation by connections that simultaneously send high number of requests by allowing requests from other
     connections to make progress. This runtime value can be set to 1 in the presence of abusive HTTP/2 or HTTP/3 connections.
     By default this limit is disabled.
-
-minor_behavior_changes:
-# *Changes that may cause incompatibilities for some users, but should not for most*
+- area: http
+  change: |
+    Add runtime flag ``http.max_requests_per_io_cycle`` for setting the limit on the number of HTTP requests processed
+    from a single connection in a single I/O cycle. Requests over this limit are processed in subsequent I/O cycles. This
+    mitigates CPU starvation by connections that simultaneously send high number of requests by allowing requests from other
+    connections to make progress. This runtime value can be set to 1 in the presence of abusive HTTP/2 or HTTP/3 connections.
+    By default this limit is disabled.
 
 bug_fixes:
-# *Changes expected to improve the state of the world and are unlikely to have negative effects*
 - area: tls
   change: |
     fixed a bug where handshake may fail when both private key provider and cert validation are set.
-
-removed_config_or_runtime:
-# *Normally occurs at the end of the* :ref:`deprecation period <deprecated>`
-
-new_features:
-
-deprecated:
+- area: docker/publishing
+  change: |
+    Update base images to resolve various glibc vulnerabilities.

docs/versions.yaml

@@ -17,5 +17,5 @@
 "1.21": 1.21.6
 "1.22": 1.22.11
 "1.23": 1.23.12
-"1.24": 1.24.10
-"1.25": 1.25.8
+"1.24": 1.24.11
+"1.25": 1.25.9