Announcing Istio 1.6.8
Istio 1.6.8 patch release.
This release fixes the security vulnerability described in our August 11th, 2020 news post.
This release contains bug fixes to improve robustness. These release notes describe what’s different between Istio 1.6.7 and Istio 1.6.8.
BEFORE YOU UPGRADE
Things to know and prepare before upgrading.
DOWNLOAD
Download and install this release.
DOCS
Visit the documentation for this release.
SOURCE CHANGES
Inspect the full set of source code changes.
Security update
- CVE-2020-16844:
Callers to TCP services that have a defined Authorization Policies with
DENY
actions using wildcard suffixes (e.g.*-some-suffix
) for source principals or namespace fields will never be denied access.- CVSS Score: 6.8 AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N