v1.4.2
less than a minute
Date: July 4, 2025
Security Updates
- Disabled
automountServiceAccountTokenfor proxy and ratelimit deployments and serviceAccounts.
Bug Fixes
- Fixed issue where
EnvoyExtensionPolicyExtProc body processing mode was set to FullDuplexStreamed, but trailers were not sent. - Fixed validation issue where
EnvoyExtensionPolicyExtProc with failOpen set to true did not reject the FullDuplexStreamed body processing mode. - Fixed issue where
EnvoyPatchPolicycould not replace the telemetry cluster. - Added validation for section names in Gateway listeners.
- Added ConfigMap indexers for
EnvoyExtensionPoliciesto reconcile Lua changes. - Fixed issue where the default access log format was not working.
- Fixed bug where backendRequestTimeout was incorrectly set when retries were enabled.
- Fixed certificate SANs overlap detection in listeners.
- Fixed issue where telemetry did not work when using host port.
- Fixed bug where
BackendTLSPolicyincorrectly referenced ConfigMaps or Secrets across namespaces.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.