1.11.2 (October 8, 2019)
Changes
http: fixed CVE-2019-15226 by adding a cached byte size in HeaderMap.
http: added max headers count for http connections. The default limit is 100.
upstream: runtime feature envoy.reloadable_features.max_response_headers_count overrides the default limit for upstream max headers count
http: added common_http_protocol_options Runtime feature envoy.reloadable_features.max_request_headers_count overrides the default limit for downstream max headers count
regex: backported safe regex matcher fix for CVE-2019-15225.
Deprecated
- Use of idle_timeout is deprecated. Use common_http_protocol_options instead.
当前内容版权归 servicemesher 或其关联方所有,如需对内容或内容相关联开源项目进行关注与资助,请访问 servicemesher .