v1.4.2
less than a minute
Date: July 4, 2025
Security Updates
- Disabled
automountServiceAccountToken
for proxy and ratelimit deployments and serviceAccounts.
Bug Fixes
- Fixed issue where
EnvoyExtensionPolicy
ExtProc body processing mode was set to FullDuplexStreamed, but trailers were not sent. - Fixed validation issue where
EnvoyExtensionPolicy
ExtProc with failOpen set to true did not reject the FullDuplexStreamed body processing mode. - Fixed issue where
EnvoyPatchPolicy
could not replace the telemetry cluster. - Added validation for section names in Gateway listeners.
- Added ConfigMap indexers for
EnvoyExtensionPolicies
to reconcile Lua changes. - Fixed issue where the default access log format was not working.
- Fixed bug where backendRequestTimeout was incorrectly set when retries were enabled.
- Fixed certificate SANs overlap detection in listeners.
- Fixed issue where telemetry did not work when using host port.
- Fixed bug where
BackendTLSPolicy
incorrectly referenced ConfigMaps or Secrets across namespaces.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.