Announcing Istio 1.12.3
Istio 1.12.3 patch release.
This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.12.2 and Istio 1.12.3.
BEFORE YOU UPGRADE
Things to know and prepare before upgrading.
DOWNLOAD
Download and install this release.
DOCS
Visit the documentation for this release.
SOURCE CHANGES
Inspect the full set of source code changes.
Changes
Fixed an issue where scaling endpoint for a service from 0 to 1 might cause client side service account verification to be populated incorrectly. (Issue #36456)
Fixed an issue where in place upgrade will cause TCP connections between <1.12 proxies and 1.12 proxies to fail. (Issue #36797)
Fixed an issue that if duplicated cipher suites were configured in Gateway, they were pushed to Envoy configuration. With this fix, duplicated cipher suites will be ignored and logged. (Issue #36805)
Fixed Helm chart generating an invalid manifest when given a boolean or numeric value for environment variables. (Issue #36946)
Fixed error format after json marshaling in virtual machine config. (Issue #36358)
Fixed an issue where using
ISTIO_MUTUALTLS mode in Gateways while also settingcredentialNamecauses mutual TLS to not be configured. This configuration is now rejected, asISTIO_MUTUALis intended to be used withoutcredentialNameset. The old behavior can be retained by configuring thePILOT_ENABLE_LEGACY_ISTIO_MUTUAL_CREDENTIAL_NAME=trueenvironment variable in Istiod.