luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

update envoy doc notes (#7389)

This commit is contained in:
Alvin Huang 2020-03-04 14:59:30 -05:00 committed by GitHub
parent 3e6b79b9bc
commit 460b31771b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
website/source/docs/connect/proxies/envoy.md
View File

@ -36,18 +36,20 @@ compatible Envoy versions.
| Consul Version | Compatible Envoy Versions |
|---|---|
| 1.7.0 and higher | 1.13.0, 1.12.2, 1.11.2, 1.10.0 |
| 1.7.0 and higher | 1.13.0, 1.12.2, 1.11.2, 1.10.0* |
| 1.5.2, 1.5.3, 1.6.x | 1.11.1, 1.10.0, 1.9.1, 1.8.0† |
| 1.5.0, 1.5.1 | 1.9.1, 1.8.0† |
| 1.3.x, 1.4.x | 1.9.1, 1.8.0†, 1.7.0† |
!> **Security Note:** Envoy versions lower than 1.9.1 are vulnerable to
[CVE-2019-9900](https://github.com/envoyproxy/envoy/issues/6434) and
[CVE-2019-9901](https://github.com/envoyproxy/envoy/issues/6435). Both are
related to HTTP request parsing and so only affect Consul Connect users if they
have configured HTTP routing rules via the ["escape
hatch"](#custom-configuration). Still, we recommend that you use the most
recent supported Envoy for your Consul version where possible.
~> Note:
† Envoy versions lower than 1.9.1 are vulnerable to
[CVE-2019-9900](https://github.com/envoyproxy/envoy/issues/6434) and
[CVE-2019-9901](https://github.com/envoyproxy/envoy/issues/6435). Both are
related to HTTP request parsing and so only affect Consul Connect users if they
have configured HTTP routing rules via the ["escape
hatch"](#custom-configuration). Still, we recommend that you use the most
recent supported Envoy for your Consul version where possible.
* Envoy 1.10.0 requires setting [`-envoy-version`](https://www.consul.io/docs/commands/connect/envoy.html#envoy-version) in the `consul connect envoy` command. This was introduced in Consul 1.7.0.
## Getting Started