Announcing Istio 1.4.9

Istio 1.4.9 patch release.

May 12, 2020

This release contains bug fixes to improve robustness and fixes for the security vulnerabilities described in our May 12th, 2020 news post. This release note describes what’s different between Istio 1.4.9 and Istio 1.4.8.

Security update

CVE-2020-10739: By sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar.

Bug Fixes