Skip to content

Bump Envoy to 1.34.1 #7033

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 8, 2025
Merged

Bump Envoy to 1.34.1 #7033

merged 1 commit into from
May 8, 2025

Conversation

tsaarni
Copy link
Member

@tsaarni tsaarni commented May 8, 2025
edited
Loading

This PR updates Envoy to version 1.34.1 and addresses GHSA-c7cm-838g-6g67 / CVE-2025-46821.

Contour was not affected by this vulnerability because it does not use uri_template permissions with Envoy's HTTP RBAC extension.

@tsaarni tsaarni requested a review from a team as a code owner May 8, 2025 17:32
@tsaarni tsaarni added the release-note/small A small change that needs one line of explanation in the release notes. label May 8, 2025
@tsaarni tsaarni requested review from skriss and sunjayBhatia and removed request for a team May 8, 2025 17:32
@sunjayBhatia sunjayBhatia requested review from a team, wilsonwu and davinci26 and removed request for a team May 8, 2025 17:32
@tsaarni
Bump Envoy to 1.34.1
f0cda4f 
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
@tsaarni tsaarni force-pushed the bump-envoy-1.34.1 branch from a50edd0 to f0cda4f Compare May 8, 2025 17:32
@codecov Codecov
Copy link

codecov bot commented May 8, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.04%. Comparing base (81ebf8a) to head (f0cda4f).
Report is 2 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #7033   +/-   ##
=======================================
  Coverage   81.04%   81.04%           
=======================================
  Files         130      130           
  Lines       19659    19659           
=======================================
  Hits        15932    15932           
  Misses       3442     3442           
  Partials      285      285
Files with missing lines Coverage Δ
cmd/contour/gatewayprovisioner.go 43.87% <100.00%> (ø)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sunjayBhatia sunjayBhatia merged commit 768dffc into projectcontour:main May 8, 2025
26 checks passed
YashNandwana pushed a commit to YashNandwana/contour that referenced this pull request Jul 13, 2025
@tsaarni @YashNandwana
Bump Envoy to 1.34.1 (projectcontour#7033)
26d507b 
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sunjayBhatia sunjayBhatia sunjayBhatia approved these changes

@skriss skriss Awaiting requested review from skriss skriss is a code owner automatically assigned from projectcontour/maintainers

@wilsonwu wilsonwu Awaiting requested review from wilsonwu wilsonwu was automatically assigned from projectcontour/contour-reviewers

@davinci26 davinci26 Awaiting requested review from davinci26 davinci26 was automatically assigned from projectcontour/contour-reviewers

Assignees
No one assigned
Labels
release-note/small A small change that needs one line of explanation in the release notes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tsaarni @sunjayBhatia