v2.10.5

Github Advisory GHSA-7v4p-328v-8v5g
Related to CVE-2023-39325

Bug fixes:

• [accesslogs] Move origin fields capture to service level (#10126 by rtribotte)
• [accesslogs] Fix preflight response status in access logs (#10142 by rtribotte)
• [acme] Update go-acme/lego to v4.14.0 (#10087 by ldez)
• [acme] Update go-acme/lego to v4.13.3 (#10077 by ldez)
• [http3] Update quic-go to v0.37.5 (#10083 by ldez)
• [http3] Update quic-go to v0.39.0 (#10137 by ldez)
• [http3] Update quic-go to v0.37.6 (#10085 by ldez)
• [http3] Update quic-go to v0.38.0 (#10086 by ldez)
• [http3] Update quic-go to v0.38.1 (#10090 by ldez)
• [kv] Ignore ErrKeyNotFound error for the KV provider (#10082 by sunyakun)
• [middleware,authentication] Adjust forward auth to avoid connection leak (#10096 by wdhongtw)
• [middleware,server] Improve CNAME flattening to avoid unnecessary error logging (#10128 by niallnsec)
• [middleware] Allow X-Forwarded-For delete operation (#10132 by rtribotte)
• [server] Update x/net and grpc/grpc-go (#10161 by rtribotte)
• [webui] Add missing accessControlAllowOriginListRegex to middleware view (#10157 by DBendit)
• Fix false positive in url anonymization (#10138 by jspdown)

Documentation:

• [acme] Change Arvancloud URL (#10115 by sajjadjafaribojd)
• [acme] Correct minor typo in crd-acme docs (#10067 by ayyron-lmao)
• [healthcheck] Remove healthcheck interval configuration warning (#10068 by rtribotte)
• [kv,redis] Docs describe the missing db parameter in redis provider (#10052 by tokers)
• [middleware] Doc fix accessControlAllowHeaders examples (#10121 by ebuildy)
• Updates business callout in the documentation (#10122 by tomatokoolaid)