1.5.4 (November 4, 2023)
SECURITY:
- Upgrade Go to use 1.22.7. This addresses CVE
CVE-2024-34155 [GH-4313] - crd: Add
contains
andignoreCase
to the Intentions CRD to support configuring L7 Header intentions resilient to variable casing and multiple header values. [GH-4385] - crd: Add
http.incoming.requestNormalization
to the Mesh CRD to support configuring service traffic request normalization. [GH-4385]
IMPROVEMENTS:
- connect-inject: remove unnecessary resource permissions from connect-inject ClusterRole [GH-4307]
- helm: Exclude gke namespaces from being connect-injected when the connect-inject: default: true value is set. [GH-4333]
BUG FIXES:
- api-gateway:
global.imagePullSecrets
are now configured on theServiceAccount
forGateways
.
Note: the referenced image pull Secret(s) must be present in the same namespace the Gateway
is deployed to. [GH-4316]