Hello Envoy Community,
The Envoy security team would like to add additional information regarding the recent announcement: "Security fix of Envoy main branch (that includes
7d03b62)".
The additional information is as follows:
1. The defect introduced in
7d03b62 was landed in the main branch 16 days ago (5 August 2020).
2. The defect introduced in
7d03b62 is not part of any Envoy stable releases.
3. The fix (
7b88015) is merged into the main branch on 20 August 2020.
Thank you to Antonio Vicente who gave the suggestion to clarify these aspects of the issue.
Thanks,
Dhi Aurrahman (on behalf Envoy security team and maintainers)