envoy: 1.31.1 -> 1.31.2

https://github.com/envoyproxy/envoy/releases/tag/v1.31.2

CVE-2024-45807: oghttp2 crash on OnBeginHeadersForStream
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client
This commit is contained in:
Adam Stephens 2024-09-20 08:42:08 -04:00
parent e883582655
commit 0cfb8d3f7b
No known key found for this signature in database

View File

@ -25,9 +25,9 @@ let
# However, the version string is more useful for end-users.
# These are contained in a attrset of their own to make it obvious that
# people should update both.
version = "1.31.1";
rev = "1f44388cee449c9dae8ae34c0b4f09036bcbf560";
hash = "sha256-XvlF3hMS2PH87HgFwKoFzxHDYgRjZmxn02L1aLwYOrY=";
version = "1.31.2";
rev = "cc4a75482810de4b84c301d13deb551bd3147339";
hash = "sha256-mfQpEGLMJV3UKqcUdbhy6/pP1sWut26zjwN6vDE7LmA=";
};
# these need to be updated for any changes to fetchAttrs