From f49758fb3522ddf732c9b171d8463725a7e6c246 Mon Sep 17 00:00:00 2001 From: shawnh2 Date: Mon, 15 Sep 2025 20:40:14 +0800 Subject: [PATCH 1/5] add release notes and verion Signed-off-by: shawnh2 --- VERSION | 2 +- release-notes/v1.4.4.yaml | 12 ++++++++++++ site/content/en/news/releases/notes/v1.4.4.md | 19 +++++++++++++++++++ 3 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 release-notes/v1.4.4.yaml create mode 100644 site/content/en/news/releases/notes/v1.4.4.md diff --git a/VERSION b/VERSION index 92f76b4232..61919cdd8e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v1.4.3 +v1.4.4 diff --git a/release-notes/v1.4.4.yaml b/release-notes/v1.4.4.yaml new file mode 100644 index 0000000000..bc4f409910 --- /dev/null +++ b/release-notes/v1.4.4.yaml @@ -0,0 +1,12 @@ +date: September 15, 2025 + +security updates: | + Updated go mod package `xz` to fix cve-2025-58058. + Updated distroless image to resolve glibc CVEs. + +bug fixes: | + Fixed issue where handling of context-related transient errors to prevent incorrect state reconciliation and unintended behavior. + Fixed issue where the `exclusiveMaximum` field in CRD is being set incorrectly. + Fixed issue where validation for grpc routes with extension ref filters. + Fixed issue where route status has dangling conditions and not cleanup. + Fixed issue where add missing patch annotations to `Compression` struct for proper `Merge`. diff --git a/site/content/en/news/releases/notes/v1.4.4.md b/site/content/en/news/releases/notes/v1.4.4.md new file mode 100644 index 0000000000..b479880dfe --- /dev/null +++ b/site/content/en/news/releases/notes/v1.4.4.md @@ -0,0 +1,19 @@ +--- +title: "v1.4.4" +publishdate: 2025-09-15 +--- + +Date: September 15, 2025 + +## Security updates + +- Updated go mod package `xz` to fix cve-2025-58058. +- Updated distroless image to resolve glibc CVEs. + +## Bug fixes + +- Fixed issue where handling of context-related transient errors to prevent incorrect state reconciliation and unintended behavior. +- Fixed issue where the `exclusiveMaximum` field in CRD is being set incorrectly. +- Fixed issue where validation for grpc routes with extension ref filters. +- Fixed issue where route status has dangling conditions and not cleanup. +- Fixed issue where add missing patch annotations to `Compression` struct for proper `Merge`. From 322072a1e665dd20c8bafe090b15ece2560593a1 Mon Sep 17 00:00:00 2001 From: shawnh2 Date: Tue, 16 Sep 2025 19:09:00 +0800 Subject: [PATCH 2/5] refactor notes Signed-off-by: shawnh2 --- release-notes/v1.4.4.yaml | 14 +++++++------- site/content/en/news/releases/notes/v1.4.4.md | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/release-notes/v1.4.4.yaml b/release-notes/v1.4.4.yaml index bc4f409910..42a6b87274 100644 --- a/release-notes/v1.4.4.yaml +++ b/release-notes/v1.4.4.yaml @@ -1,12 +1,12 @@ date: September 15, 2025 security updates: | - Updated go mod package `xz` to fix cve-2025-58058. - Updated distroless image to resolve glibc CVEs. + Updated the Go module package `xz` to fix CVE-2025-58058. + Updated the distroless image to resolve glibc CVEs. bug fixes: | - Fixed issue where handling of context-related transient errors to prevent incorrect state reconciliation and unintended behavior. - Fixed issue where the `exclusiveMaximum` field in CRD is being set incorrectly. - Fixed issue where validation for grpc routes with extension ref filters. - Fixed issue where route status has dangling conditions and not cleanup. - Fixed issue where add missing patch annotations to `Compression` struct for proper `Merge`. + Fixed an issue in handling context-related transient errors to prevent incorrect state reconciliation and unintended behavior. + Fixed an issue where the `exclusiveMaximum` field in the CRD was set incorrectly. + Fixed validation for gRPC routes with extension ref filters. + Fixed an issue where route status had dangling conditions and was not cleaned up. + Added missing patch annotations to the `Compression` struct for proper `Merge`. \ No newline at end of file diff --git a/site/content/en/news/releases/notes/v1.4.4.md b/site/content/en/news/releases/notes/v1.4.4.md index b479880dfe..1b1e049ada 100644 --- a/site/content/en/news/releases/notes/v1.4.4.md +++ b/site/content/en/news/releases/notes/v1.4.4.md @@ -7,13 +7,13 @@ Date: September 15, 2025 ## Security updates -- Updated go mod package `xz` to fix cve-2025-58058. -- Updated distroless image to resolve glibc CVEs. +- Updated the Go module package `xz` to fix CVE-2025-58058. +- Updated the distroless image to resolve glibc CVEs. ## Bug fixes -- Fixed issue where handling of context-related transient errors to prevent incorrect state reconciliation and unintended behavior. -- Fixed issue where the `exclusiveMaximum` field in CRD is being set incorrectly. -- Fixed issue where validation for grpc routes with extension ref filters. -- Fixed issue where route status has dangling conditions and not cleanup. -- Fixed issue where add missing patch annotations to `Compression` struct for proper `Merge`. +- Fixed an issue in handling context-related transient errors to prevent incorrect state reconciliation and unintended behavior. +- Fixed an issue where the `exclusiveMaximum` field in the CRD was set incorrectly. +- Fixed validation for gRPC routes with extension ref filters. +- Fixed an issue where route status had dangling conditions and was not cleaned up. +- Added missing patch annotations to the `Compression` struct for proper `Merge`. From a68f112cf226a7a99a7165533980aa6bf77cc64a Mon Sep 17 00:00:00 2001 From: shawnh2 Date: Tue, 16 Sep 2025 19:17:41 +0800 Subject: [PATCH 3/5] fix lint Signed-off-by: shawnh2 --- release-notes/v1.4.4.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-notes/v1.4.4.yaml b/release-notes/v1.4.4.yaml index 42a6b87274..c080805bb3 100644 --- a/release-notes/v1.4.4.yaml +++ b/release-notes/v1.4.4.yaml @@ -9,4 +9,4 @@ bug fixes: | Fixed an issue where the `exclusiveMaximum` field in the CRD was set incorrectly. Fixed validation for gRPC routes with extension ref filters. Fixed an issue where route status had dangling conditions and was not cleaned up. - Added missing patch annotations to the `Compression` struct for proper `Merge`. \ No newline at end of file + Added missing patch annotations to the `Compression` struct for proper `Merge`. From 08df388217f0ad14142aa66e0ddd79b5586b6c4e Mon Sep 17 00:00:00 2001 From: shawnh2 Date: Wed, 17 Sep 2025 19:47:22 +0800 Subject: [PATCH 4/5] update date Signed-off-by: shawnh2 --- release-notes/v1.4.4.yaml | 2 +- site/content/en/news/releases/notes/v1.4.4.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/release-notes/v1.4.4.yaml b/release-notes/v1.4.4.yaml index c080805bb3..d17d2545e9 100644 --- a/release-notes/v1.4.4.yaml +++ b/release-notes/v1.4.4.yaml @@ -1,4 +1,4 @@ -date: September 15, 2025 +date: September 17, 2025 security updates: | Updated the Go module package `xz` to fix CVE-2025-58058. diff --git a/site/content/en/news/releases/notes/v1.4.4.md b/site/content/en/news/releases/notes/v1.4.4.md index 1b1e049ada..a02ce4dd3c 100644 --- a/site/content/en/news/releases/notes/v1.4.4.md +++ b/site/content/en/news/releases/notes/v1.4.4.md @@ -1,9 +1,9 @@ --- title: "v1.4.4" -publishdate: 2025-09-15 +publishdate: 2025-09-17 --- -Date: September 15, 2025 +Date: September 17, 2025 ## Security updates From 25954b07075f1d072458165a1c30ba0b4d9e590c Mon Sep 17 00:00:00 2001 From: shawnh2 Date: Wed, 17 Sep 2025 21:58:52 +0800 Subject: [PATCH 5/5] add other changes Signed-off-by: shawnh2 --- release-notes/v1.4.4.yaml | 4 ++++ site/content/en/news/releases/notes/v1.4.4.md | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/release-notes/v1.4.4.yaml b/release-notes/v1.4.4.yaml index d17d2545e9..c5c6dc530b 100644 --- a/release-notes/v1.4.4.yaml +++ b/release-notes/v1.4.4.yaml @@ -10,3 +10,7 @@ bug fixes: | Fixed validation for gRPC routes with extension ref filters. Fixed an issue where route status had dangling conditions and was not cleaned up. Added missing patch annotations to the `Compression` struct for proper `Merge`. + +other changes: | + Updated Envoy Proxy to v1.34.7. + Updated Ratelimit tag version to `e74a664a`. diff --git a/site/content/en/news/releases/notes/v1.4.4.md b/site/content/en/news/releases/notes/v1.4.4.md index a02ce4dd3c..7a0f1c0ffa 100644 --- a/site/content/en/news/releases/notes/v1.4.4.md +++ b/site/content/en/news/releases/notes/v1.4.4.md @@ -17,3 +17,8 @@ Date: September 17, 2025 - Fixed validation for gRPC routes with extension ref filters. - Fixed an issue where route status had dangling conditions and was not cleaned up. - Added missing patch annotations to the `Compression` struct for proper `Merge`. + +## Other changes + +- Updated Envoy Proxy to v1.34.7. +- Updated Ratelimit tag version to `e74a664a`.