1.17.2 (April 15, 2021)

Bug fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

  • http: fixed a crash upon receiving empty HTTP/2 metadata frames. Received empty metadata frames are now counted in the HTTP/2 codec stat metadata_empty_frames.

  • http: fixed a remotely exploitable integer overflow via a very large grpc-timeout value causes undefined behavior.

  • http: reverting a behavioral change where upstream connect timeouts were temporarily treated differently from other connection failures. The change back to the original behavior can be temporarily reverted by setting envoy.reloadable_features.treat_upstream_connect_timeout_as_connect_failure to false.

  • tls: fix a crash when peer sends a TLS Alert with an unknown code.

New features

  • dispatcher: supports a stack of Envoy::ScopeTrackedObject instead of a single tracked object. This will allow Envoy to dump more debug information on crash.