Pomerium v0.10.6 Release Notes
Release Date: 2020-10-01 // over 3 years ago-
🔒 Security
🚀 Envoy released a security update to addresses the following CVE(s):
- CVE-2020-25017 (CVSS score 6.5, Medium): Incorrect handling of duplicate HTTP headers
⚡️ This patch updates the underlying embedded version of Envoy to
1.15.1
. If you instead are using the Envoy from your local$PATH
you are encouraged to upgrade that binary as well.- deps: envoy 1.15.1 @desimone GH-1473
- ⚡️ deps: update envoy arm64 to v1.15.1 @travisgroth GH-1475