Add release notes for 1.5.6 (#7583)

* Add release notes for 1.5.6 - Cosmetic change in security descriptions. * ordered by issue type * Remove redundant release note point * remove mention of non-closed bug
2020-06-17 16:03:09 -07:00 · 2020-06-17 16:03:09 -07:00 · 59c00303f2
parent c4ed62e580
commit 59c00303f2
4 changed files with 35 additions and 3 deletions
--- a/content/en/news/releases/1.5.x/announcing-1.5.6/index.md
+++ b/content/en/news/releases/1.5.x/announcing-1.5.6/index.md
@ -0,0 +1,32 @@
+---
+title: Announcing Istio 1.5.6
+linktitle: 1.5.6
+subtitle: Patch Release
+description: Istio 1.5.6 patch release.
+publishdate: 2020-06-17
+release: 1.5.6
+aliases:
+    - /news/announcing-1.5.6
+test: n/a
+---
+
+This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.5.5 and Istio 1.5.6.
+
+{{< relnote >}}
+
+## Security
+
+- **Updated** Node.js and jQuery versions used in bookinfo.
+
+## Changes
+
+- **Fixed** Transfer-Encoding value case-sensitivity in Envoy ([Envoy's issue 10041](https://github.com/envoyproxy/envoy/issues/10041))
+- **Fixed** handling of user defined ingress gateway configuration ([Issue 23303](https://github.com/istio/istio/issues/23303))
+- **Fixed** Add `TCP MX ALPN` in `UpstreamTlsContext` for clusters that specify `http2_protocol_options` ([Issue 23907](https://github.com/istio/istio/issues/23907))
+- **Fixed** election lock for namespace configmap controller.
+- **Fixed** `istioctl validate -f` for `networking.istio.io/v1beta1` rules ([Issue 24064](https://github.com/istio/istio/issues/24064))
+- **Fixed** aggregate clusters configuration ([Issue 23909](https://github.com/istio/istio/issues/23909))
+- **Fixed** Prometheus mTLS poods scraping ([Issue 22391](https://github.com/istio/istio/issues/22391))
+- **Fixed** ingress crash for overlapping hosts without match ([Issue 22910](https://github.com/istio/istio/issues/22910))
+- **Fixed** Istio telemetry Pod crashes ([Issue 23813](https://github.com/istio/istio/issues/23813))
+- **Removed** hard-coded operator namespace ([Issue 24073](https://github.com/istio/istio/issues/24073))
--- a/content/en/news/security/istio-security-2020-003/index.md
+++ b/content/en/news/security/istio-security-2020-003/index.md
@ -1,7 +1,7 @@
 ---
 title: ISTIO-SECURITY-2020-003
 subtitle: Security Bulletin
-description: Two Uncontrolled Resource Consumption and Two Incorrect Access Control Vulnerabilities in Envoy.
+description: Two uncontrolled resource consumption and two incorrect access control vulnerabilities in Envoy.
 cves: [CVE-2020-8659, CVE-2020-8660, CVE-2020-8661, CVE-2020-8664]
 cvss: "7.5"
 releases: ["1.4 to 1.4.5"]
--- a/content/en/news/security/istio-security-2020-005/index.md
+++ b/content/en/news/security/istio-security-2020-005/index.md
@ -1,7 +1,7 @@
 ---
 title: ISTIO-SECURITY-2020-005
 subtitle: Security Bulletin
-description:
+description: Denial of service affecting telemetry v2.
 cves: [CVE-2020-10739]
 cvss: "7.5"
 vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
--- a/content/en/news/security/istio-security-2020-006/index.md
+++ b/content/en/news/security/istio-security-2020-006/index.md
@ -1,7 +1,7 @@
 ---
 title: ISTIO-SECURITY-2020-006
 subtitle: Security Bulletin
-description:
+description: Denial of service in the HTTP2 library used by Envoy.
 cves: [CVE-2020-11080]
 cvss: "7.5"
 vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"