v1.6.4

  less than a minute  

Date: February 11, 2026

Breaking changes

  • Gateway API CRD has been updated, more details could be found here.

Security updates

  • Bump golang to 1.25.7 for security fixes to the go command and the crypto/tls package.

New features

Bug fixes

  • Fixes an issue where shutdown manager didn’t ignore ready and stats listener metrics in connection calculation.
  • Fixed an issue where BackendTLSPolicy ResolvedRefs status reason was not aligned with Gateway API specification.
  • Fixed an issue where shutdown manager incorrectly counted ready and stats listener connections, preventing timely shutdown.
  • Fixed an issue where custom response filters were not properly positioned in the filter chain, causing redirect functionality to fail in OAuth2 flows.
  • Fixed an issue where route-level idle timeout prevented users from configuring listener-level idle timeout.
  • Fixed an issue where the message package did not adopt the configured logging level.
  • Fixed an issue where TCPRoute with mTLS did not work due to incorrect auto HTTP protocol detection on TCP clusters.
  • Fixed an issue where invalid EnvoyPatchPolicy prevented processing of remaining xDS resources.
  • Fixed an issue where the controller reported ready before cache synced.

Performance improvements

Deprecations

Other changes


Last modified February 12, 2026: chore: update v1.6 compatibility matrix versions (#8260) (fb96ef4)