diff --git a/VERSION.txt b/VERSION.txt index 27fdfb7168b3..bf4df28efca7 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -1.28.2-dev +1.28.2 diff --git a/changelogs/1.26.8.yaml b/changelogs/1.26.8.yaml new file mode 100644 index 000000000000..a59f0acb0ad0 --- /dev/null +++ b/changelogs/1.26.8.yaml @@ -0,0 +1,13 @@ +date: April 4, 2024 + +bug_fixes: +- area: http2 + change: | + Update nghttp2 to resolve CVE-2024-30255 (https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm). + +new_features: +- area: google_grpc + change: | + Added an off-by-default runtime flag + ``envoy.reloadable_features.google_grpc_disable_tls_13`` to disable TLSv1.3 + usage by gRPC SDK for ``google_grpc`` services. diff --git a/changelogs/1.27.4.yaml b/changelogs/1.27.4.yaml new file mode 100644 index 000000000000..73d73f7b7a33 --- /dev/null +++ b/changelogs/1.27.4.yaml @@ -0,0 +1,20 @@ +date: April 4, 2024 + +behavior_changes: +- area: http2 + change: | + Discard the ``Host`` header if the ``:authority`` header was received to bring Envoy into compliance with + https://www.rfc-editor.org/rfc/rfc9113#section-8.3.1 This behavioral change can be reverted by setting runtime flag + ``envoy.reloadable_features.http2_discard_host_header`` to false. + +bug_fixes: +- area: http2 + change: | + Update nghttp2 to resolve CVE-2024-30255 (https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm). + +new_features: +- area: google_grpc + change: | + Added an off-by-default runtime flag + ``envoy.reloadable_features.google_grpc_disable_tls_13`` to disable TLSv1.3 + usage by gRPC SDK for ``google_grpc`` services. diff --git a/changelogs/current.yaml b/changelogs/current.yaml index 426455be866b..e176c9f62693 100644 --- a/changelogs/current.yaml +++ b/changelogs/current.yaml @@ -1,7 +1,6 @@ -date: Pending +date: April 4, 2024 behavior_changes: -# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required* - area: http2 change: | Discard the ``Host`` header if the ``:authority`` header was received to bring Envoy into compliance with @@ -9,14 +8,12 @@ behavior_changes: ``envoy.reloadable_features.http2_discard_host_header`` to false. minor_behavior_changes: -# *Changes that may cause incompatibilities for some users, but should not for most* - area: http change: | Enable obsolete line folding in BalsaParser (for behavior parity with http-parser, the previously used HTTP/1 parser). bug_fixes: -# *Changes expected to improve the state of the world and are unlikely to have negative effects* - area: jwt_authn change: | Fixed JWT extractor, which concatenated headers with a comma, resultig in invalid tokens. @@ -24,14 +21,9 @@ bug_fixes: change: | Update nghttp2 to resolve CVE-2024-30255 (https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm). -removed_config_or_runtime: -# *Normally occurs at the end of the* :ref:`deprecation period ` - new_features: - area: google_grpc change: | Added an off-by-default runtime flag ``envoy.reloadable_features.google_grpc_disable_tls_13`` to disable TLSv1.3 usage by gRPC SDK for ``google_grpc`` services. - -deprecated: diff --git a/docs/inventories/v1.26/objects.inv b/docs/inventories/v1.26/objects.inv index 26b06951df94..e8c220301cff 100644 Binary files a/docs/inventories/v1.26/objects.inv and b/docs/inventories/v1.26/objects.inv differ diff --git a/docs/inventories/v1.27/objects.inv b/docs/inventories/v1.27/objects.inv index 4eee783c0fd4..d2997321e462 100644 Binary files a/docs/inventories/v1.27/objects.inv and b/docs/inventories/v1.27/objects.inv differ diff --git a/docs/inventories/v1.28/objects.inv b/docs/inventories/v1.28/objects.inv index c454862b2315..19b5b89f7d8e 100644 Binary files a/docs/inventories/v1.28/objects.inv and b/docs/inventories/v1.28/objects.inv differ diff --git a/docs/versions.yaml b/docs/versions.yaml index 033db70e08ca..2e3ea0c02b69 100644 --- a/docs/versions.yaml +++ b/docs/versions.yaml @@ -19,6 +19,6 @@ "1.23": 1.23.12 "1.24": 1.24.12 "1.25": 1.25.11 -"1.26": 1.26.7 -"1.27": 1.27.3 -"1.28": 1.28.0 +"1.26": 1.26.8 +"1.27": 1.27.4 +"1.28": 1.28.1