v1.4.1
less than a minute
Date: June 4, 2025
New Features
- Added support for configuring Subject Alternative Names (SANs) for upstream TLS validation via
BackendTLSPolicy.validation.subjectAltNames. - Added support for setting ownerreference to infra resources when Gateway Namespace mode is enabled.
Bug Fixes
- Fixed OverlappingTLSConfig condition for merged Gateways.
- Fixed an issue with shared rules in the rate limit translator when
clientSelectoris not specified. - Fixed an issue with handling integer values in zone annotations.
- Fixed an issue where routes without WASM in their EnvoyExtensionPolicies returned HTTP 500 responses when WASM cache initialization failed.
- Fixed an issue where UDP listeners were not created in the Envoy proxy’s xDS configuration.
- Fixed broken rate limit merging for
BackendTrafficPolicywhen the Gateway target defines rate limiting but the Route target does not. - Fixed an issue that preserves ALPN configuration for listeners with overlapping certificates when ALPN is explicitly set in
ClientTrafficPolicy. - Replaced static UID with a dynamic UID for the global rate limit Grafana dashboard.
Other changes
- Fixed backend TLS e2e test.
- Bumped go version to 1.24.3.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.