1.34.12 (December 10, 2025)

Bug fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

• dns: Update c-ares to version 1.34.6 to resolve CVE-2025-0913.

  Use-after-free in c-ares can crash Envoy via compromised or malfunctioning DNS.

  advisory: https://github.com/envoyproxy/envoy/security/advisories/GHSA-fg9g-pvc4-776f.