Smtp v1.32.0 #41
Open
Smtp v1.32.0 #41
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…voyproxy#35413) 1.31 Backport of envoyproxy#35265 Commit Message: Add %RAW_UPSTREAM_CLUSTER% access log formatter Additional Description: Risk Level: low Testing: unit Signed-off-by: Keith Mattix II <keithmattix@microsoft.com>
…roxy#35487) (envoyproxy#35511) Signed-off-by: Adi Suissa-Peleg <adip@google.com>
using the CI diskspace hack Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
…y#35781) Signed-off-by: Adi Suissa-Peleg <adip@google.com> Signed-off-by: Adi (Suissa) Peleg <adip@google.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: phlax <phlax@users.noreply.github.com>
Fix envoyproxy#35686 and resolve related CVE ```console CVE-2024-7264 (com_github_curl@8.4.0) CVSS v3 score: 6.5 Severity: MEDIUM Published date: 2024-07-31 Last modified date: 2024-08-12 Description: libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used. Affected CPEs: - cpe:2.3:a:haxx:libcurl:* ``` Signed-off-by: Ryan Northey <ryan@synca.io>
Commit Message: aws: fix test flake when no IMDS can be found Additional Description: Lack of IMDS (169.254.169.254 address) can cause a race condition and crash during testing due to the shutdown of cluster manager. This scenario should not occur normally, as cluster manager will still exist and the lack of IMDS is handled gracefully. Signed-off-by: Nigel Brittain <nbaws@amazon.com> Signed-off-by: Dario Cillerai <dcillera@redhat.com>
Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: phlax <phlax@users.noreply.github.com>
Fix envoyproxy#35954 Signed-off-by: Ryan Northey <ryan@synca.io>
…35967) Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
…nvoyproxy#35328) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…nvoyproxy#35585) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…nvoyproxy#35618) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…nvoyproxy#35636) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…b10a97` in /ci (envoyproxy#35982) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
There are multiple files named config.h and in some build environments it causes the build postscript to fail Commit Message: Additional Description: Risk Level: Testing: Docs Changes: Release Notes: Platform Specific Features: [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Fixes commit #PR or SHA] [Optional Deprecated:] [Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):] Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
**Summary of changes**: - Update curl lib to resolve CVE-2024-7264 - Assorted fixes - Updated container images **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.1 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.31.1/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.31.1/version_history/v1.31/v1.31.1 **Full changelog**: envoyproxy/envoy@v1.31.0...v1.31.1 Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com> Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
…cc93c5` in /ci (envoyproxy#36206) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Change-Id: If54c7143ecb1bf936e88fbb3371d9c47f6d8f671 Signed-off-by: Kuat Yessenov <kuat@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
…vice mesh environments Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: Boteng Yao <boteng@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Boteng Yao <boteng@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Boteng Yao <boteng@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: tyxia <tyxia@google.com> Signed-off-by: Boteng Yao <boteng@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
[CVE-2024-45807](GHSA-qc52-r4x5-9w37): oghttp2 crash on OnBeginHeadersForStream [CVE-2024-45808](GHSA-p222-xhp9-39rc): Malicious log injection via access logs [CVE-2024-45806](GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources [CVE-2024-45809](GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs [CVE-2024-45810](GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.31.2/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2 **Full changelog**: envoyproxy/envoy@v1.31.1...v1.31.2 Signed-off-by: Boteng Yao <boteng@google.com> Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Signed-off-by: VishalDamgude <vishal.damgude@freshworks.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Commit Message:
Additional Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]