Skip to content

Commit

Permalink
changelogs: Add changelog for CVE-2024-30255
Browse files Browse the repository at this point in the history 
GHSA-j654-3ccm-vfmm

Signed-off-by: Ryan Northey <ryan@synca.io>
  • Loading branch information
@phlax
phlax committed Apr 4, 2024
1 parent fb27db4 commit 0f7336b
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions changelogs/current.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,9 @@ bug_fixes:
- area: jwt_authn
change: |
Fixed JWT extractor, which concatenated headers with a comma, resultig in invalid tokens.
- area: http2
change: |
Update nghttp2 to resolve CVE-2024-30255 (https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm).
removed_config_or_runtime:
# *Normally occurs at the end of the* :ref:`deprecation period <deprecated>`
Expand Down

0 comments on commit 0f7336b

Please sign in to comment.