{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":65214191,"defaultBranch":"main","name":"envoy","ownerLogin":"envoyproxy","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2016-08-08T15:07:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/30125649?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1726782927.0","currentOid":""},"activityList":{"items":[{"before":"5f777dce0a6c629573b1821e232fb70713f3698b","after":"cc4a75482810de4b84c301d13deb551bd3147339","ref":"refs/heads/release/v1.31","pushedAt":"2024-09-19T21:35:38.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.31.2\n\n[CVE-2024-45807](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qc52-r4x5-9w37): oghttp2 crash on OnBeginHeadersForStream\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.31.1...v1.31.2\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.31.2"}},{"before":"7a050936e45e21701a22e21402fc1c9b02896ded","after":"f3436f79d8b0444ea3331de1ba85aaf3127ac188","ref":"refs/heads/release/create/v1.31","pushedAt":"2024-09-19T21:32:35.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.31.2\n\n[CVE-2024-45807](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qc52-r4x5-9w37): oghttp2 crash on OnBeginHeadersForStream\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.31.1...v1.31.2\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.31.2"}},{"before":"52d8f340a7da76b647f4802328bfc848a4aece2f","after":"d6120f3c769e70c988ddcc5c7e9cbc2737b5f63c","ref":"refs/heads/main","pushedAt":"2024-09-19T20:09:57.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"docs: fix install commands for linux distribution (#36226)\n\n\r\nSigned-off-by: Akshay Gupta <akshaysngupta@gmail.com>\r\nSigned-off-by: Akshay Gupta <aksgupta@microsoft.com>","shortMessageHtmlLink":"docs: fix install commands for linux distribution (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2537006358\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36226\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36226/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36226\">#36226</a>)"}},{"before":"ecddba7ec0faf8fa82b3ee21f101bcc4f12fdb5e","after":"810bfcb8cae456e3a5e6541a0ee853185e2586f7","ref":"refs/heads/release/v1.30","pushedAt":"2024-09-19T20:04:16.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.30.6\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.6\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/version_history/v1.30/v1.30.6\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.30.5...v1.30.6\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"repo: Release v1.30.6"}},{"before":"249414d0d1215c22ebe62e3a0d8965e86196fb7a","after":"9d9a260114e52c20076e195df75f8c457a12549f","ref":"refs/heads/release/create/v1.30","pushedAt":"2024-09-19T19:19:26.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.30.6\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.6\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/version_history/v1.30/v1.30.6\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.30.5...v1.30.6\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"repo: Release v1.30.6"}},{"before":"7762848d3d0300b6e4bfd1ca8722753d3abc063e","after":"7a050936e45e21701a22e21402fc1c9b02896ded","ref":"refs/heads/release/create/v1.31","pushedAt":"2024-09-19T19:12:29.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.31.2\n\n[CVE-2024-45807](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qc52-r4x5-9w37): oghttp2 crash on OnBeginHeadersForStream\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.31.1...v1.31.2\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.31.2"}},{"before":"f65347c13a92fb9aa09a27462c84defcc09cb966","after":"249414d0d1215c22ebe62e3a0d8965e86196fb7a","ref":"refs/heads/release/create/v1.30","pushedAt":"2024-09-19T18:17:10.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.30.6\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.6\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/version_history/v1.30/v1.30.6\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.30.5...v1.30.6\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.30.6"}},{"before":"0b2054bc2fda8ec183d8a32d4319512bdd51ba51","after":"ecddba7ec0faf8fa82b3ee21f101bcc4f12fdb5e","ref":"refs/heads/release/v1.30","pushedAt":"2024-09-19T18:11:35.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"escape invalid host name\n\nSigned-off-by: tyxia <tyxia@google.com>\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"escape invalid host name"}},{"before":"30c7d6cda5d4afafeeecb0ccb85b91c7c86b010c","after":"52d8f340a7da76b647f4802328bfc848a4aece2f","ref":"refs/heads/main","pushedAt":"2024-09-19T18:07:59.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"RyanTheOptimist","name":"Ryan Hamilton","path":"/RyanTheOptimist","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19561162?s=80&v=4"},"commit":{"message":"Update QUICHE from 9808dac40 to 42b2e66c7 (#36208)\n\nhttps://github.com/google/quiche/compare/9808dac40..42b2e66c7\r\n\r\nRisk Level: Low\r\nTesting: Existing tests pass\r\nDocs Changes: N/A\r\nRelease Notes: N/A\r\nPlatform Specific Features: N/A\r\n\r\n---------\r\n\r\nSigned-off-by: Ricardo Perez <ripere@google.com>","shortMessageHtmlLink":"Update QUICHE from 9808dac40 to 42b2e66c7 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2535469695\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36208\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36208/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36208\">#36208</a>)"}},{"before":"bd17b989d6b069660c228ef59317eb706c82d2fd","after":"94aa5f7f82fb543e7fbc011ea398ac12cc396817","ref":"refs/heads/release/v1.29","pushedAt":"2024-09-19T18:05:15.000Z","pushType":"pr_merge","commitsCount":5,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.29.9\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.9\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/version_history/v1.29/v1.29.9\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.29.8...v1.29.9\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.29.9"}},{"before":"be3c6958e109362ba444334d5b4ed22ce3804606","after":"f9dd1fc04bc39d4ab3eca0f64abaac809455335d","ref":"refs/heads/release/create/v1.29","pushedAt":"2024-09-19T17:59:40.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.29.9\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.9\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/version_history/v1.29/v1.29.9\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.29.8...v1.29.9\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.29.9"}},{"before":"f3ff3306f53fc0ebb6314ffad947896b56b23d29","after":"30c7d6cda5d4afafeeecb0ccb85b91c7c86b010c","ref":"refs/heads/main","pushedAt":"2024-09-19T17:40:48.000Z","pushType":"pr_merge","commitsCount":5,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"escape invalid host name\n\nSigned-off-by: tyxia <tyxia@google.com>\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"escape invalid host name"}},{"before":"136d20a92bf75f24de209b089dd3fd8741d7b42c","after":"5f777dce0a6c629573b1821e232fb70713f3698b","ref":"refs/heads/release/v1.31","pushedAt":"2024-09-19T17:20:21.000Z","pushType":"pr_merge","commitsCount":5,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"escape invalid host name\n\nSigned-off-by: tyxia <tyxia@google.com>\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"escape invalid host name"}},{"before":"4cbb5806a37e3ed5ea126faaa09d3636fdffc64d","after":"f3ff3306f53fc0ebb6314ffad947896b56b23d29","ref":"refs/heads/main","pushedAt":"2024-09-19T17:03:32.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"wbpcode","name":"code","path":"/wbpcode","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/12389633?s=80&v=4"},"commit":{"message":"basic_auth: support authorization header override (#36046)\n\n<!--\n!!!ATTENTION!!!\n\nIf you are fixing *any* crash or *any* potential security issue, *do\nnot*\nopen a pull request in this repo. Please report the issue via emailing\nenvoy-security@googlegroups.com where the issue will be triaged\nappropriately.\nThank you in advance for helping to keep Envoy secure.\n\n!!!ATTENTION!!!\n\nFor an explanation of how to fill out the fields, please see the\nrelevant section\nin\n[PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md)\n-->\n\nCommit Message: basic_auth: support authorization header override\n\nAdditional Description: provide a way to do basic authorization on\nheaders other than `:Authorization`. Say we are doing two level of basic\nauthorization. One at the proxy level with header name\n`Proxy-Authorization` and the other one at the application level with\nheader name `Authorization`.\n\nRisk Level: low\nTesting: unit test\nDocs Changes: changelog\nRelease Notes:\nPlatform Specific Features:\n[Optional Runtime guard:]\n[Optional Fixes #Issue]\n[Optional Fixes commit #PR or SHA]\n[Optional Deprecated:]\n[Optional [API\nConsiderations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):]\n\n---------\n\nSigned-off-by: Networking team <networking@lyft.com>\nCo-authored-by: Networking team <networking@lyft.com>","shortMessageHtmlLink":"basic_auth: support authorization header override (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2514959324\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36046\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36046/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36046\">#36046</a>)"}},{"before":"3710369d4ea0abb2503c047f8ca53e31380f90ec","after":"be3c6958e109362ba444334d5b4ed22ce3804606","ref":"refs/heads/release/create/v1.29","pushedAt":"2024-09-19T16:42:00.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.29.9\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45809](https://github.com/envoyproxy/envoy/security/advisories/GHSA-wqr5-qmq7-3qw3): Jwt filter crash in the clear route cache with remote JWKs\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.9\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/version_history/v1.29/v1.29.9\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.29.8...v1.29.9\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>\n\nSigned-off-by: publish-envoy[bot] <140627008+publish-envoy[bot]@users.noreply.github.com>","shortMessageHtmlLink":"repo: Release v1.29.9"}},{"before":"d1777ee164c687f2411c2d37bfc9010d335009d6","after":"4848d6d548438b50d6d78187a7cfbe61e02d8b85","ref":"refs/heads/release/v1.28","pushedAt":"2024-09-19T16:32:34.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.28.7\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.7\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.28.7/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.28.7/version_history/v1.28/v1.28.7\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.28.6...v1.28.7\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"repo: Release v1.28.7"}},{"before":"1ed74915585ccd6ab2ec69aace940d115c39d8c2","after":"7c8ad8674ff7cfe87f2be544d8ffb947bb2e0d41","ref":"refs/heads/release/create/v1.28","pushedAt":"2024-09-19T15:21:08.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"repo: Release v1.28.7\n\n**Summary of changes**\n\n[CVE-2024-45808](https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc): Malicious log injection via access logs\n[CVE-2024-45806](https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf): Potential manipulate `x-envoy` headers from external sources\n[CVE-2024-45810](https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q): Envoy crashes for LocalReply in http async client\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.7\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.28.7/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.28.7/version_history/v1.28/v1.28.7\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.28.6...v1.28.7\n\nSigned-off-by: Boteng Yao <boteng@google.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"repo: Release v1.28.7"}},{"before":"bf6012177c4b54d31f40f8edeaed72957c8dfd33","after":"4cbb5806a37e3ed5ea126faaa09d3636fdffc64d","ref":"refs/heads/main","pushedAt":"2024-09-19T14:44:16.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"sec-release: update the Q3 actual security release date (#35909)\n\n\r\nSigned-off-by: Boteng Yao <boteng@google.com>","shortMessageHtmlLink":"sec-release: update the Q3 actual security release date (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2495174835\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/35909\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/35909/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/35909\">#35909</a>)"}},{"before":"ec92cc38c6304d524fca818f732f3c435e7abab7","after":"bf6012177c4b54d31f40f8edeaed72957c8dfd33","ref":"refs/heads/main","pushedAt":"2024-09-19T14:39:53.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ravenblackx","name":"Raven Black","path":"/ravenblackx","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1923229?s=80&v=4"},"commit":{"message":"MockDispatcher to not accidentally run on other threads (#36134)\n\nCommit Message: MockDispatcher to not accidentally run on other threads\r\nAdditional Description: Several issues have been found recently where\r\nthe MockDispatcher's default behavior of just running the callback\r\nimmediately causes tests to pass, but asan/tsan/release tests fail,\r\nbecause it ends up running the callback on a different thread, exactly\r\nthe opposite of almost the whole point of posting things on a dispatcher\r\nwhich is to put them on a specific thread. This change makes\r\nMockDispatcher insist on being on whichever thread created the\r\ndispatcher, most likely the main thread in tests. This is still not\r\ngreat because the behavior of running the callback immediately is still\r\nquite different from the behavior of a dispatcher in production, e.g.\r\n```\r\nauto x = std::make_shared<int>(0);\r\nthis_thread_dispatcher.post([x]() { *x += 5; });\r\n*x += 1;\r\nstd::cerr << *x << std::endl;\r\n```\r\nwould always output 6 with a default MockDispatcher, and would always\r\noutput 1 with a production dispatcher, but at least cases like that can\r\nbe debugged linearly and will be the same in all test environments,\r\nversus the running on a different (and incorrect) thread problem is very\r\ndifficult to debug and sometimes only shows up (and sometimes flakily)\r\nin the harder to run test contexts.\r\n(But still pretty bad in that test coverage would say a thing works,\r\nthen in production it could do a different thing than it did in tests.)\r\n\r\nSince it's a mock the behavior can also be manually overridden to be the\r\nold way. Arguably it should have just always required explicit manual\r\ninterception because it's supposed to be a mock not a fake.\r\n\r\nRisk Level: Should be safe since it's test-only.\r\nTesting: This is test-only.\r\nDocs Changes: n/a\r\nRelease Notes: n/a\r\nPlatform Specific Features: n/a\r\n\r\n---------\r\n\r\nSigned-off-by: Raven Black <ravenblack@dropbox.com>","shortMessageHtmlLink":"MockDispatcher to not accidentally run on other threads (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2525523468\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36134\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36134/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36134\">#36134</a>)"}},{"before":"322cda13fc491aeac9852f693b15ebc204710b1b","after":"ec92cc38c6304d524fca818f732f3c435e7abab7","ref":"refs/heads/main","pushedAt":"2024-09-19T13:16:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"alyssawilk","name":null,"path":"/alyssawilk","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/18220477?s=80&v=4"},"commit":{"message":"dns: rename `Success` to `Completed` (#36143)\n\n\r\nSigned-off-by: chenyuliang5 <chenyuliang@jd.com>","shortMessageHtmlLink":"dns: rename <code>Success</code> to <code>Completed</code> (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2526337830\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36143\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36143/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36143\">#36143</a>)"}},{"before":"75a68771d3d478ca1fc859b2deabaf40eb4449b8","after":"d1777ee164c687f2411c2d37bfc9010d335009d6","ref":"refs/heads/release/v1.28","pushedAt":"2024-09-19T12:40:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"build(deps): bump distroless/base-nossl-debian12 from `fb10a97` to `4cc93c5` in /ci (#36206)\n\n\r\nSigned-off-by: dependabot[bot] <support@github.com>\r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"build(deps): bump distroless/base-nossl-debian12 from <code>fb10a97</code> to `4…"}},{"before":"0c66376afeaba8f86172b7f8f14252b1f3d009f2","after":"bd17b989d6b069660c228ef59317eb706c82d2fd","ref":"refs/heads/release/v1.29","pushedAt":"2024-09-19T12:40:01.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"build(deps): bump distroless/base-nossl-debian12 from `fb10a97` to `4cc93c5` in /ci (#36206)\n\n\r\nSigned-off-by: dependabot[bot] <support@github.com>\r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"build(deps): bump distroless/base-nossl-debian12 from <code>fb10a97</code> to `4…"}},{"before":"a797bd172f0a9de4c165a43e343322952a0fa0f0","after":"0b2054bc2fda8ec183d8a32d4319512bdd51ba51","ref":"refs/heads/release/v1.30","pushedAt":"2024-09-19T12:39:53.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"build(deps): bump distroless/base-nossl-debian12 from `fb10a97` to `4cc93c5` in /ci (#36206)\n\n\r\nSigned-off-by: dependabot[bot] <support@github.com>\r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"build(deps): bump distroless/base-nossl-debian12 from <code>fb10a97</code> to `4…"}},{"before":"3db8bf2502c471f8acc8de76c1466971c5b1884d","after":"136d20a92bf75f24de209b089dd3fd8741d7b42c","ref":"refs/heads/release/v1.31","pushedAt":"2024-09-19T12:39:45.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"build(deps): bump distroless/base-nossl-debian12 from `fb10a97` to `4cc93c5` in /ci (#36206)\n\n\r\nSigned-off-by: dependabot[bot] <support@github.com>\r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>\nSigned-off-by: Ryan Northey <ryan@synca.io>","shortMessageHtmlLink":"build(deps): bump distroless/base-nossl-debian12 from <code>fb10a97</code> to `4…"}},{"before":"6cdd693b589f35a00dee09f31772bdcd5f2c6922","after":null,"ref":"refs/heads/dependabot/pip/tools/base/protobuf-5.28.2","pushedAt":"2024-09-19T09:39:30.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"8d74446c8a3d219572380731bae42ab328426996","after":"322cda13fc491aeac9852f693b15ebc204710b1b","ref":"refs/heads/main","pushedAt":"2024-09-19T09:39:23.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"build(deps): bump protobuf from 5.28.1 to 5.28.2 in /tools/base (#36207)\n\n\r\nSigned-off-by: dependabot[bot] <support@github.com>\r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"build(deps): bump protobuf from 5.28.1 to 5.28.2 in /tools/base (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2535407509\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36207\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36207/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36207\">#36207</a>)"}},{"before":"fdfdad004bc71f6db1fab2360546362bc1c2880a","after":"8d74446c8a3d219572380731bae42ab328426996","ref":"refs/heads/main","pushedAt":"2024-09-19T09:35:10.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"phlax","name":null,"path":"/phlax","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/454682?s=80&v=4"},"commit":{"message":"Fewer external deps (#36187)\n\nCommit Message: Remove the native.bind entries for the following\r\nlibraries:\r\n\r\n- libcircllhist\r\n- uring\r\n- ares\r\n- xxhash\r\n- sqlparser\r\n- tclap\r\n- fmtlib\r\n- spdlog\r\n- benchmark\r\n- libsxg\r\n- yaml_cpp\r\n- event\r\n- colm\r\n- ragel\r\n- zlib\r\n- brotlienc\r\n- brotlidec\r\n- zstd\r\n- msgpack\r\n- opentelemetry_api\r\n- dd_trace_cpp\r\n- cpp2sky\r\n- json\r\n- http_parser\r\n- hessian2_codec_object_codec_lib\r\n- hessian2_codec_codec_impl\r\n- su-exec\r\n- googletest\r\n- protoc\r\n- opencensus_trace\r\n- opencensus_trace_b3\r\n- opencensus_trace_cloud_trace_context\r\n- opencensus_trace_grpc_trace_bin\r\n- opencensus_trace_trace_context\r\n- opencensus_exporter_ocagent\r\n- opencensus_exporter_stdout\r\n- opencensus_exporter_stackdriver\r\n- opencensus_exporter_zipkin\r\n- quiche_common_platform\r\n- quiche_http2_adapter\r\n- quiche_http2_protocol\r\n- quiche_http2_test_tools\r\n- quiche_quic_platform\r\n- quiche_quic_platform_base\r\n- quiche_http2_hpack\r\n- quiche_http2_hpack_decoder\r\n- jwt_verify_lib\r\n- simple_lru_cache_lib\r\n- luajit\r\n- tcmalloc\r\n- tcmalloc_profile_marshaler\r\n- tcmalloc_malloc_extension\r\n- gperftools\r\n- librdkafka\r\n\r\nUpdate `external_deps` that used them to `deps` of their actual\r\nlocations.\r\nSome examples:\r\n- `zlib` → `//bazel/foreign_cc:zlib`\r\n- `json` → `@com_github_nlohmann_json//:json`\r\n\r\nThe bindings that remain are either used by dependencies that need to be\r\nupdated or have uses in some envoy bazel rules that make removing them\r\ntrickier. These are the easy ones.\r\n\r\n\r\nRisk Level: low\r\nTesting: Building envoy and running integration test suites. Existing\r\ntests pass.\r\n\r\n---------\r\n\r\nSigned-off-by: Alejandro R Sedeño <asedeno@google.com>","shortMessageHtmlLink":"Fewer external deps (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2532259504\" data-permission-text=\"Title is private\" data-url=\"https://github.com/envoyproxy/envoy/issues/36187\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/envoyproxy/envoy/pull/36187/hovercard\" href=\"https://github.com/envoyproxy/envoy/pull/36187\">#36187</a>)"}},{"before":null,"after":"7762848d3d0300b6e4bfd1ca8722753d3abc063e","ref":"refs/heads/release/create/v1.31","pushedAt":"2024-09-19T09:17:20.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"publish-envoy[bot]","name":null,"path":"/apps/publish-envoy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/30125649?s=80&v=4"},"commit":{"message":"repo: Release v1.31.2\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.31.1...v1.31.2","shortMessageHtmlLink":"repo: Release v1.31.2"}},{"before":null,"after":"f65347c13a92fb9aa09a27462c84defcc09cb966","ref":"refs/heads/release/create/v1.30","pushedAt":"2024-09-19T09:17:13.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"publish-envoy[bot]","name":null,"path":"/apps/publish-envoy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/30125649?s=80&v=4"},"commit":{"message":"repo: Release v1.30.6\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.6\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.30.6/version_history/v1.30/v1.30.6\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.30.5...v1.30.6","shortMessageHtmlLink":"repo: Release v1.30.6"}},{"before":null,"after":"3710369d4ea0abb2503c047f8ca53e31380f90ec","ref":"refs/heads/release/create/v1.29","pushedAt":"2024-09-19T09:17:10.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"publish-envoy[bot]","name":null,"path":"/apps/publish-envoy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/30125649?s=80&v=4"},"commit":{"message":"repo: Release v1.29.9\n\n**Docker images**:\n    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.9\n**Docs**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/\n**Release notes**:\n    https://www.envoyproxy.io/docs/envoy/v1.29.9/version_history/v1.29/v1.29.9\n**Full changelog**:\n    https://github.com/envoyproxy/envoy/compare/v1.29.8...v1.29.9","shortMessageHtmlLink":"repo: Release v1.29.9"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEu1b-KwA","startCursor":null,"endCursor":null}},"title":"Activity · envoyproxy/envoy"}