istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

small clarification (#5688) 

we got users asking us if this config can be removed so add a comment here to clarify it.
This commit is contained in:
Lin Sun 2019-11-14 15:45:46 -05:00 committed by Istio Automation
parent 03fce8d76e
commit 4b9e8de50e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/news/2019/announcing-1.3.5/index.md
View File

@ -17,7 +17,7 @@ This release contains fixes for the security vulnerability described in [our Nov
- **ISTIO-SECURITY-2019-006** A DoS vulnerability has been discovered in Envoy. - **ISTIO-SECURITY-2019-006** A DoS vulnerability has been discovered in Envoy.
__[CVE-2019-18817](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18817)__: An infinite loop can be triggered in Envoy if the option `continue_on_listener_filters_timeout` is set to True, which is the case in Istio. This vulnerability could be leveraged for a DoS attack. __[CVE-2019-18817](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18817)__: An infinite loop can be triggered in Envoy if the option `continue_on_listener_filters_timeout` is set to True, which is the case in Istio. This vulnerability could be leveraged for a DoS attack. If you applied the mitigation mentioned in [our November 11, 2019 news post](/news/2019/istio-security-2019-006), you can remove the mitigation once you upgrade to Istio 1.3.5 or newer.
## Bug fixes ## Bug fixes