Skip to main content
logoTetrate Enterprise Gateway for EnvoyVersion: v1.6.x

v1.6.5

Updated Envoy Gateway to v1.6.5

Traffic Handling

  • WAF in MergedGateway Mode: Added support for ExtendedSecurityPolicy with merged gateways. ExtendedSecurityPolicy can now target a GatewayClass to apply to all Gateways of that class in mergedGateway deployment mode.

Security Updates

  • Bumped Envoy ratelimit image to c8765e89 with security fixes for Go.
  • Bumped Envoy Proxy image to v1.36.5 for fixing several security issues and bug fixes. For more details, please refer to the Envoy Proxy v1.36.5 release notes.
  • Bumped Go runtime to 1.25.8 with security fixes for the go command and the crypto/tls package.

Bug Fixes

  • Made ConnectionLimit.Value optional so users can configure MaxConnectionDuration, MaxRequestsPerConnection, or MaxStreamDuration without setting a max connections value.
  • Added ownership references to ratelimit ConfigMap and HPA resources.
  • Fixed an issue where computeHosts did not work when both listener and route had wildcard hostnames.
  • Excluded unmanaged route parents from xPolicy status ancestors.
  • Fixed route and policy status aggregation across multiple GatewayClasses managed by the same controller, so resources preserve status from all relevant parents and ancestors instead of being overwritten by the last processed GatewayClass.
  • Fixed local object reference resolution from parent policy in merged BackendTrafficPolicies.