1.16.3 (April 15, 2021)

Incompatible Behavior Changes

Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required

Minor Behavior Changes

Changes that may cause incompatibilities for some users, but should not for most

Bug Fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

  • aggregate cluster: fixed a crash due to a TLS initialization issue.

  • http: fixed a crash upon receiving empty HTTP/2 metadata frames. Received empty metadata frames are now counted in the HTTP/2 codec stat metadata_empty_frames.

  • http: fixed a remotely exploitable integer overflow via a very large grpc-timeout value causes undefined behavior.

  • http: reverting a behavioral change where upstream connect timeouts were temporarily treated differently from other connection failures. The change back to the original behavior can be temporarily reverted by setting envoy.reloadable_features.treat_upstream_connect_timeout_as_connect_failure to false.

  • lua: fixed crash when Lua script contains streamInfo():downstreamSslConnection().

  • overload: fix a bug that can cause use-after-free when one scaled timer disables another one with the same duration.

  • tls: fix a crash when peer sends a TLS Alert with an unknown code.

  • tls: fix detection of the upstream connection close event.

Removed Config or Runtime

Normally occurs at the end of the deprecation period

New Features