Security
- This release fixes a bug whereby specially crafted requests could result in incorrect authorization decisions made by Pomerium. CVE-2023-33189.
What's Changed
- fix WillHaveCertificateForServerName check to be strict match for derived cert name by @backport-actions-token in #4169
- improve certificate matching performance by @backport-actions-token in #4188
- envoy: set re2 limits very high by @backport-actions-token in #4189
- databroker: sort configs by @backport-actions-token in #4191
- databroker: fix fast forward by @backport-actions-token in #4194
Full Changelog: v0.22.1...v0.22.2