Announcing Istio 1.18.5
Istio 1.18.5 patch release.
This release fixes the security vulnerabilities described in our Oct 11th post, ISTIO-SECURITY-2023-004.
This release note describes what’s different between Istio 1.18.3 and 1.18.5. Please note that this release supersedes the unpublished 1.18.4 release. 1.18.4 was only published internally and has been skipped so that additional security fixes could be included in this release.
BEFORE YOU UPGRADE
Things to know and prepare before upgrading.
DOWNLOAD
Download and install this release.
DOCS
Visit the documentation for this release.
SOURCE CHANGES
Inspect the full set of source code changes.
Security updates
CVE-2023-44487: (CVSS Score 7.5, High): HTTP/2 denial of serviceCVE-2023-39325: (CVSS Score 7.5, High): HTTP/2 denial of service