v1.2.7

Date: March 06, 2025

Security updates

• Fixed CVE-2025-25294: log injection vulnerability in Envoy Gateway when using default access log.

Bug fixes

• Fixed translating of backendSettings for extAuth.
• Fixed allowing weights to be zero on endpoints for backendRefs in TCPRoute and UDPRoute.
• Fixed validation of all xDS resources before sending them to the Envoy fleet.
• Added support for Secret and ConfigMap parsing in Standalone mode.

Other changes

• Bumped the version of the ratelimit image to ae4cee11.