Announcing Istio 1.13.9
Istio 1.13.9 patch release.
This release contains a fix for CVE-2022-39278 and bug fixes to improve robustness. This release note describes what is different between Istio 1.13.8 and Istio 1.13.9.
BEFORE YOU UPGRADE
Things to know and prepare before upgrading.
Download and install this release.
Visit the documentation for this release.
Inspect the full set of source code changes.
- Patch for CVE-2022-41715. Replaces all uses of
regexpwith the Go 1.19.2
stdlibimplementation. This will guard against DOS via malformed regular expressions.
Fixed an issue where the user can not delete the Istio Operator resource with revision if istiod is not running. (Issue #40796)
Fixed a bug where the return dynamically generated by
jwkswas not base64 encoded, causing Envoy to fail to parse it.
Fixed an issue where a root namespace
Sidecarconfiguration would be ignored.
Fixed the gateway API integration to not fail when the
v1alpha2version is removed.