bazel: update to a newer version of envoy-fork with http2 continuatio…

…n cve (#323) * bazel: update to a newer version of envoy-fork with http2 continuation cve * move changelogs
solo-io · Apr 10, 2024 · 20a560d · 20a560d
1 parent b0da7f3
commit 20a560d
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/bazel/repository_locations.bzl b/bazel/repository_locations.bzl
@@ -2,8 +2,8 @@ REPOSITORY_LOCATIONS = dict(
     # can't have more than one comment between envoy line and commit line in 
     # order to accommodate `check_extensions_build_config.sh`
     envoy = dict(
-        # envoy 1.29.2 with backported ext_proc updates
-        commit = "07d43f271290583b3019a1172420d4b33bd52153", # v1.29.2-fork1
+        # envoy 1.29.3 with backported ext_proc updates
+        commit = "e2dab93e60e93b56fa63632fb9cfa64930fc5240", # v1.29.3-fork1
         remote = "https://github.com/solo-io/envoy-fork",
     ),
     inja = dict(

diff --git a/changelog/v1.29.3-patch1/bump-envoy.yaml b/changelog/v1.29.3-patch1/bump-envoy.yaml
@@ -0,0 +1,10 @@
+changelog:
+- type: DEPENDENCY_BUMP
+  dependencyOwner: solo-io
+  dependencyRepo: envoy-fork
+  dependencyTag: v1.29.3
+  issueLink: https://github.com/solo-io/solo-projects/issues/6008
+  resolvesIssue: false
+  description: >-
+    Update Envoy to latest from forked 1.29.3
+    Tackles the http2 crazy cve CVE-2024-30255
diff --git a/...-patch3/generate-debug-config-script.yaml → ...-patch1/generate-debug-config-script.yaml b/...-patch3/generate-debug-config-script.yaml → ...-patch1/generate-debug-config-script.yaml