ContextQMD
Back to Istio Io

Announcing Istio 1.6.3

content/en/news/releases/1.6.x/announcing-1.6.3/index.md

latest1.9 KB
Original Source

This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.6.2 and Istio 1.6.3.

{{< relnote >}}

Changes

  • Fixed an issue preventing the operator from recreating watched resources if they are deleted (Issue 23238).
  • Fixed an issue where Istio crashed with the message: proto.Message is *client.QuotaSpecBinding, not *client.QuotaSpecBinding(Issue 24624).
  • Fixed an issue preventing operator reconciliation due to improper labels on watched resources (Issue 23603).
  • Added support for the k8s.v1.cni.cncf.io/networks annotation (Issue 24425).
  • Updated the SidecarInjectionSpec CRD to read the imagePullSecret from .Values.global (Pull 24365).
  • Updated split horizon to skip gateways that resolve hostnames.
  • Fixed istioctl experimental metrics to only flag error response codes as errors (Issue 24322)
  • Updated istioctl analyze to sort output formats.
  • Updated gateways to use proxyMetadata
  • Updated the Prometheus sidecar to use proxyMetadata(Issue 24415).
  • Removed invalid configuration from PodSecurityContext when gateway.runAsRoot is enabled (Issue 24469).

Grafana addon security fixes

We've updated the version of Grafana shipped with Istio from 6.5.2 to 6.7.4. This addresses a Grafana security issue, rated high, that can allow access to internal cluster resources using the Grafana avatar feature. (CVE-2020-13379)