Unverified Commit 0cfb8d3f authored by Adam Stephens's avatar Adam Stephens
Browse files

envoy: 1.31.1 -> 1.31.2 

https://github.com/envoyproxy/envoy/releases/tag/v1.31.2

CVE-2024-45807: oghttp2 crash on OnBeginHeadersForStream
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client
parent e8835826

pkgs/by-name/en/envoy/package.nix

+3 −3
Original line number Diff line number Diff line
@@ -25,9 +25,9 @@ let 
    # However, the version string is more useful for end-users.

    # These are contained in a attrset of their own to make it obvious that

    # people should update both.

    version = "1.31.1";

    rev = "1f44388cee449c9dae8ae34c0b4f09036bcbf560";

    hash = "sha256-XvlF3hMS2PH87HgFwKoFzxHDYgRjZmxn02L1aLwYOrY=";

    version = "1.31.2";

    rev = "cc4a75482810de4b84c301d13deb551bd3147339";

    hash = "sha256-mfQpEGLMJV3UKqcUdbhy6/pP1sWut26zjwN6vDE7LmA=";

  };



  # these need to be updated for any changes to fetchAttrs