1.17.2 (April 15, 2021)
Bug fixes
Changes expected to improve the state of the world and are unlikely to have negative effects
http: fixed a crash upon receiving empty HTTP/2 metadata frames. Received empty metadata frames are now counted in the HTTP/2 codec stat metadata_empty_frames.
http: fixed a remotely exploitable integer overflow via a very large grpc-timeout value causes undefined behavior.
http: reverting a behavioral change where upstream connect timeouts were temporarily treated differently from other connection failures. The change back to the original behavior can be temporarily reverted by setting
envoy.reloadable_features.treat_upstream_connect_timeout_as_connect_failure
to false.tls: fix a crash when peer sends a TLS Alert with an unknown code.
New features
dispatcher: supports a stack of
Envoy::ScopeTrackedObject
instead of a single tracked object. This will allow Envoy to dump more debug information on crash.