Dependency Bumps
- envoyproxy/go-control-plane has been upgraded to v0.9.9-0.20210511190911-87d352569d55.
- solo-io/solo-kit has been upgraded to v0.17.5.
- solo-io/envoy-gloo has been upgraded to v1.17.3.
- dgrijalva/jwt-go has been upgraded to v4.0.0-preview1.
- linux/alpine has been upgraded to 3.13.5.
Fixes
- Expose the HCM options needed to address CVE-2021-29492 (GHSA-4987-27fx-x6cf). By default, Envoy's behavior does not change to address this vulnerability. The desired HTTP Connection Manager PathWithEscapedSlashesAction setting must be defined on gateways. (#4727)