.. _version_history_1.35.4:

1.35.4 (October 14, 2025)
==========================






Bug fixes
---------

*Changes expected to improve the state of the world and are unlikely to have negative effects*



* **dependency**: Resolve dependency CVEs:
  - CVE-2025-0913: fips/go
  - CVE-2024-25176: luajit
  - CVE-2024-25177: luajit
  - CVE-2024-25178: luajit
  - CVE-2025-27817: kafka
  - CVE-2025-27818: kafka.
* **tls_inspector**: Fixed regression in tls_inspector that caused plain text connections to be closed if more than 16Kb is read at once.
  This behavior can be reverted by setting the runtime guard ``envoy.reloadable_features.tls_inspector_no_length_check_on_error``
  to false.




New features
------------


* **tls_inspector**: Added dynamic metadata when failing to parse the ``ClientHello``.