1.26.2 (June 5, 2023)

Bug fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

• boringssl: Fixed the crash that occurs when contrib is compiled with boringssl=fips defined.

• dependency: update C-ares -> 1.91.1 to resolve:

  • CVE-2023-31130.

  • CVE-2023-31147.

  • CVE-2023-31124.

  • CVE-2023-32067.

• dependency: update Wasmtime and related deps -> 9.0.3 to resolve CVE-2023-30624.

• ext_authz: Fix a bug where the ext_authz filter will ignore the request body when the pack_as_bytes is set to true and HTTP authorization service is configured.