Announcing Istio 1.2.7
Istio 1.2.7 patch release.
We’re pleased to announce the availability of Istio 1.2.7. Please see below for what’s changed.
BEFORE YOU UPGRADE
Things to know and prepare before upgrading.
Download and install this release.
Visit the documentation for this release.
Inspect the full set of source code changes.
This release contains fixes for the security vulnerability described in our October 8th, 2019 news post. Specifically:
ISTIO-SECURITY-2019-005: A DoS vulnerability has been discovered by the Envoy community.
- CVE-2019-15226: After investigation, the Istio team has found that this issue could be leveraged for a DoS attack in Istio if an attacker uses a high quantity of very small headers.
- Fix a bug where
nodeagentwas failing to start when using citadel (Issue 15876)