Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump envoy to v1.31.3 #5208

Merged
merged 1 commit into from
Nov 13, 2024
Merged

Bump envoy to v1.31.3 #5208

merged 1 commit into from
Nov 13, 2024

Conversation

twz123
Copy link
Member

@twz123 twz123 commented Nov 11, 2024

Description

https://github.com/envoyproxy/envoy/releases/tag/v1.31.2
https://github.com/envoyproxy/envoy/releases/tag/v1.31.3

Fixes CVE-2024-45806, CVE-2024-45807, CVE-2024-45808, CVE-2024-45809 and CVE-2024-45810.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

How Has This Been Tested?

  • Manual test
  • Auto test added

Checklist:

  • My code follows the style guidelines of this project
  • My commit messages are signed-off
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules
  • I have checked my code and corrected any misspellings

@twz123
Bump envoy to v1.31.3
e8533c8 
https://github.com/envoyproxy/envoy/releases/tag/v1.31.2
https://github.com/envoyproxy/envoy/releases/tag/v1.31.3

Fixes CVE-2024-45806, CVE-2024-45807, CVE-2024-45808, CVE-2024-45809
and CVE-2024-45810.

Signed-off-by: Tom Wieczorek <twieczorek@mirantis.com>
@twz123 twz123 added security fix area/worker backport/release-1.31 PR that needs to be backported/cherrypicked to the release-1.31 branch labels Nov 11, 2024
@twz123 twz123 marked this pull request as ready for review November 13, 2024 14:00
@twz123 twz123 requested review from a team as code owners November 13, 2024 14:00
@twz123 twz123 merged commit f017ea5 into k0sproject:main Nov 13, 2024
94 checks passed
@twz123 twz123 deleted the bump-envoy branch November 13, 2024 16:42
@k0s-bot
Copy link

k0s-bot commented Nov 13, 2024

Successfully created backport PR for release-1.31:

@k0s-bot k0s-bot mentioned this pull request Nov 13, 2024
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@ncopa ncopa ncopa approved these changes

@kke kke Awaiting requested review from kke kke is a code owner automatically assigned from k0sproject/k0s-maintainers

@juanluisvaladas juanluisvaladas Awaiting requested review from juanluisvaladas juanluisvaladas is a code owner automatically assigned from k0sproject/k0s-maintainers

Assignees
No one assigned
Labels
area/worker backport/release-1.31 PR that needs to be backported/cherrypicked to the release-1.31 branch security fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@twz123 @k0s-bot @ncopa