Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required
Changes that may cause incompatibilities for some users, but should not for most
Changes expected to improve the state of the world and are unlikely to have negative effects
- http: fixed a crash upon receiving empty HTTP/2 metadata frames. Received empty metadata frames are now counted in the HTTP/2 codec stat :ref:`metadata_empty_frames <v1.17:config_http_conn_man_stats_per_codec>`.
- http: fixed a remotely exploitable integer overflow via a very large grpc-timeout value causes undefined behavior.
- http: reverting a behavioral change where upstream connect timeouts were temporarily treated differently from other connection failures. The change back to the original behavior can be temporarily reverted by setting
envoy.reloadable_features.treat_upstream_connect_timeout_as_connect_failureto false. - tls: fix a crash when peer sends a TLS Alert with an unknown code.
Normally occurs at the end of the :ref:`deprecation period <v1.17:deprecated>`
- dispatcher: supports a stack of
Envoy::ScopeTrackedObjectinstead of a single tracked object. This will allow Envoy to dump more debug information on crash.