repo: Release v1.27.6

**Summary of changes:** - [CVE-2024-34362: Crash (use-after-free) in EnvoyQuicServerStream](GHSA-hww5-43gv-35jv) - [CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response, and other components](GHSA-xcj3-h7vf-fw26) - [CVE-2024-32974: Crash in EnvoyQuicServerStream::OnInitialHeadersComplete()](GHSA-mgxp-7hhp-8299) - [CVE-2024-32975: Crash in QuicheDataReader::PeekVarInt62Length()](GHSA-g9mq-6v96-cpqc) - [CVE-2024-32976: Endless loop while decompressing Brotli data with extra input](GHSA-7wp5-c2vq-4f8m) - [CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode](GHSA-vcf8-7238-v74c) **Docker images**: https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.27.6 **Docs**: https://www.envoyproxy.io/docs/envoy/v1.27.6/ **Release notes**: https://www.envoyproxy.io/docs/envoy/v1.27.6/version_history/v1.27/v1.27.6 **Full changelog**: v1.27.5...v1.27.6 Signed-off-by: Ryan Northey <[email protected]>
envoyproxy · Jun 4, 2024 · 84d6d3a · 84d6d3a
1 parent 56b4de5
commit 84d6d3a
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 9 deletions.
diff --git a/VERSION.txt b/VERSION.txt
@@ -1 +1 @@
-1.27.6-dev
+1.27.6
diff --git a/changelogs/current.yaml b/changelogs/current.yaml
@@ -1,13 +1,6 @@
-date: Pending
-
-behavior_changes:
-# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required*
-
-minor_behavior_changes:
-# *Changes that may cause incompatibilities for some users, but should not for most*
+date: June 4, 2024
 
 bug_fixes:
-# *Changes expected to improve the state of the world and are unlikely to have negative effects*
 - area: router
   change: |
     Fix a timing issue when upstream requests are empty when decoding data and send local reply when that happends. This is