1.37.2 (April 10, 2026)

Bug fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

  • access_log: Fixed a crash on listener removal with a process-level access log rate limiter ProcessRateLimitFilter.

    Note: Release notes show this to be fixed on 1.37.1 branch, but it was not backported in that release.

  • contrib: Fixed segfault from timer thread-safety violation, a ring buffer overflow and alpha calculation in peak_ewma loadbalancer.

  • docker: Updates/fixes for release images.

  • dynamic_modules: Fixed a bug where dynamic module filter may result in a incomplete body being sent to upstream or downstream when some filters before or after the dynamic module filter in the chain buffered the body and the dynamic module filter did not.

  • http: Fixed a bug where the internal redirect logic may hang up a request when the request buffer is overflowed.

New features

  • stats: Added support for cluster-level stats matcher, allowing more granular control over which stats are enabled and reported at the cluster level. This the stats matcher could be configured via the xDS API dynamically on a per-cluster basis. See envoy.stats_matcher for more details.

  • stats: Added support to limit the number of stats stored in each stats scope in the stats libarary.