From faf24adf1f21b9f1e70dec70404ed7e2777d3fc4 Mon Sep 17 00:00:00 2001 From: phlax Date: Tue, 13 Feb 2024 14:20:59 +0000 Subject: [PATCH] repo: Dev v1.29.2 (#32328) Signed-off-by: Ryan Northey --- VERSION.txt | 2 +- changelogs/1.29.1.yaml | 35 ++++++++++++++++++++++++++++++++ changelogs/current.yaml | 44 ++++++++++++----------------------------- 3 files changed, 49 insertions(+), 32 deletions(-) create mode 100644 changelogs/1.29.1.yaml diff --git a/VERSION.txt b/VERSION.txt index 83cf0d951b0c..cfd5d279ac19 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -1.29.1 +1.29.2-dev diff --git a/changelogs/1.29.1.yaml b/changelogs/1.29.1.yaml new file mode 100644 index 000000000000..31831f89848b --- /dev/null +++ b/changelogs/1.29.1.yaml @@ -0,0 +1,35 @@ +date: February 9, 2024 + +bug_fixes: +- area: tracing + change: | + Added support for configuring resource detectors on the OpenTelemetry tracer. +- area: proxy protocol + change: | + Fixed a crash when Envoy is configured for PROXY protocol on both a listener and cluster, and the listener receives + a PROXY protocol header with address type LOCAL (typically used for health checks). +- area: url matching + change: | + Fixed excessive CPU utilization when using regex URL template matcher. +- area: http + change: | + Fixed crash when HTTP request idle and per try timeouts occurs within backoff interval. +- area: proxy_protocol + change: | + Fix crash due to uncaught exception when the operating system does not support an address type (such as IPv6) that is + received in a proxy protocol header. Connections will instead be dropped/reset. +- area: proxy_protocol + change: | + Fixed a bug where TLVs with non utf8 characters were inserted as protobuf values into filter metadata circumventing + ext_authz checks when ``failure_mode_allow`` is set to ``true``. +- area: tls + change: | + Fix crash due to uncaught exception when the operating system does not support an address type (such as IPv6) that is + received in an mTLS client cert IP SAN. These SANs will be ignored. This applies only when using formatter + ``%DOWNSTREAM_PEER_IP_SAN%``. + +removed_config_or_runtime: +- area: postgres proxy + change: | + Fix a race condition that may result from upstream servers refusing to switch to TLS/SSL. + This fix first appeared in ``v1.29.0`` release. diff --git a/changelogs/current.yaml b/changelogs/current.yaml index 31831f89848b..9ecf0d6e48ce 100644 --- a/changelogs/current.yaml +++ b/changelogs/current.yaml @@ -1,35 +1,17 @@ -date: February 9, 2024 +date: Pending + +behavior_changes: +# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required* + +minor_behavior_changes: +# *Changes that may cause incompatibilities for some users, but should not for most* bug_fixes: -- area: tracing - change: | - Added support for configuring resource detectors on the OpenTelemetry tracer. -- area: proxy protocol - change: | - Fixed a crash when Envoy is configured for PROXY protocol on both a listener and cluster, and the listener receives - a PROXY protocol header with address type LOCAL (typically used for health checks). -- area: url matching - change: | - Fixed excessive CPU utilization when using regex URL template matcher. -- area: http - change: | - Fixed crash when HTTP request idle and per try timeouts occurs within backoff interval. -- area: proxy_protocol - change: | - Fix crash due to uncaught exception when the operating system does not support an address type (such as IPv6) that is - received in a proxy protocol header. Connections will instead be dropped/reset. -- area: proxy_protocol - change: | - Fixed a bug where TLVs with non utf8 characters were inserted as protobuf values into filter metadata circumventing - ext_authz checks when ``failure_mode_allow`` is set to ``true``. -- area: tls - change: | - Fix crash due to uncaught exception when the operating system does not support an address type (such as IPv6) that is - received in an mTLS client cert IP SAN. These SANs will be ignored. This applies only when using formatter - ``%DOWNSTREAM_PEER_IP_SAN%``. +# *Changes expected to improve the state of the world and are unlikely to have negative effects* removed_config_or_runtime: -- area: postgres proxy - change: | - Fix a race condition that may result from upstream servers refusing to switch to TLS/SSL. - This fix first appeared in ``v1.29.0`` release. +# *Normally occurs at the end of the* :ref:`deprecation period ` + +new_features: + +deprecated: