Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

changelog and version #21104

Merged
merged 4 commits into from
May 15, 2024
Merged

changelog and version #21104

merged 4 commits into from
May 15, 2024

Conversation

wangxinyi7
Copy link
Member

Description

Testing & Reproduction steps

Links

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern

@wangxinyi7 wangxinyi7 self-assigned this May 14, 2024
@wangxinyi7 wangxinyi7 changed the base branch from release/1.17.x to release/1.17.5 May 14, 2024 18:57
@wangxinyi7 wangxinyi7 changed the base branch from release/1.17.5 to release/1.17.x May 14, 2024 23:45
sarahalsmiller
sarahalsmiller reviewed May 15, 2024
View reviewed changes
CHANGELOG.md Outdated
Comment on lines 11 to 14
* Upgrade to support Envoy `1.26.8 and 1.27.4`. This resolves CVE
[CVE-2024-27919](https://nvd.nist.gov/vuln/detail/CVE-2024-27919) (`http2`). [[GH-20956](https://github.com/hashicorp/consul/issues/20956)]
* Upgrade to support Envoy `1.27.5 and 1.28.3`. This resolves CVE
[CVE-2024-32475](https://nvd.nist.gov/vuln/detail/CVE-2024-32475) (`auto_sni`). [[GH-21033](https://github.com/hashicorp/consul/issues/21033)]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Upgrade to support Envoy `1.26.8 and 1.27.4`. This resolves CVE
[CVE-2024-27919](https://nvd.nist.gov/vuln/detail/CVE-2024-27919) (`http2`). [[GH-20956](https://github.com/hashicorp/consul/issues/20956)]
* Upgrade to support Envoy `1.27.5 and 1.28.3`. This resolves CVE
[CVE-2024-32475](https://nvd.nist.gov/vuln/detail/CVE-2024-32475) (`auto_sni`). [[GH-21033](https://github.com/hashicorp/consul/issues/21033)]
* Upgrade to support Envoy `1.26.8, 1.27.4, 1.27.5, 1.28.2 and 1.28.3`. This resolves CVEs
[CVE-2024-27919](https://nvd.nist.gov/vuln/detail/CVE-2024-27919) (`http2`). [[GH-20956](https://github.com/hashicorp/consul/issues/20956)] and [CVE-2024-32475](https://nvd.nist.gov/vuln/detail/CVE-2024-32475) (`auto_sni`). [[GH-21030](https://github.com/hashicorp/consul/issues/21030)]

@wangxinyi7 wangxinyi7 enabled auto-merge (squash) May 15, 2024 17:00
@wangxinyi7 wangxinyi7 merged commit 3e5b145 into release/1.17.x May 15, 2024
97 checks passed
@wangxinyi7 wangxinyi7 deleted the xw/changelog-1.17.5 branch May 15, 2024 17:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sarahalsmiller sarahalsmiller sarahalsmiller left review comments

@blake blake blake approved these changes

@david-yu david-yu Awaiting requested review from david-yu

Assignees

@wangxinyi7 wangxinyi7

Labels
pr/no-backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@wangxinyi7 @blake @sarahalsmiller