luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

docs: Update supported Envoy versions (#14130)

This commit is contained in:
Evan Culver 2022-08-10 11:57:09 -07:00 committed by GitHub
parent 97eec3f2b9
commit d12cbcc3c1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
website/content/docs/connect/proxies/envoy.mdx
View File

@ -36,9 +36,9 @@ Consul supports **four major Envoy releases** at the beginning of each major Con
| Consul Version | Compatible Envoy Versions |
| ------------------- | -----------------------------------------------------------------------------------|
| 1.13.x | 1.23.0, 1.22.2, 1.21.4, 1.20.6 |
| 1.12.x | 1.22.2, 1.21.3, 1.20.4, 1.19.5 |
| 1.11.x | 1.20.2, 1.19.3, 1.18.6, 1.17.4<sup>1</sup> |
| 1.10.x | 1.18.6, 1.17.4<sup>1</sup>, 1.16.5<sup>1</sup> , 1.15.5<sup>1</sup> |
1. Envoy 1.20.1 and earlier are vulnerable to [CVE-2022-21654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21654) and [CVE-2022-21655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21655). Both CVEs were patched in Envoy versions 1.18.6, 1.19.3, and 1.20.2.
Envoy 1.16.x and older releases are no longer supported (see [HCSEC-2022-07](https://discuss.hashicorp.com/t/hcsec-2022-07-consul-s-connect-service-mesh-affected-by-recent-envoy-security-releases/36332)). Consul 1.9.x clusters should be upgraded to 1.10.x and Envoy upgraded to the latest supported Envoy version for that release, 1.18.6.