status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-02-02 08:56:43 +00:00
Code Issues Projects Releases Wiki Activity

update envoy doc notes (#7389)

Browse Source
This commit is contained in:
Alvin Huang 2020-03-04 14:59:30 -05:00 committed by GitHub
parent 6074a1b4c8
commit a24e431c0e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
website/source/docs/connect/proxies/envoy.md
View File

@ -36,18 +36,20 @@ compatible Envoy versions.
| Consul Version | Compatible Envoy Versions | | Consul Version | Compatible Envoy Versions |
|---|---| |---|---|
| 1.7.0 and higher | 1.13.0, 1.12.2, 1.11.2, 1.10.0 | | 1.7.0 and higher | 1.13.0, 1.12.2, 1.11.2, 1.10.0* |
| 1.5.2, 1.5.3, 1.6.x | 1.11.1, 1.10.0, 1.9.1, 1.8.0† | | 1.5.2, 1.5.3, 1.6.x | 1.11.1, 1.10.0, 1.9.1, 1.8.0† |
| 1.5.0, 1.5.1 | 1.9.1, 1.8.0† | | 1.5.0, 1.5.1 | 1.9.1, 1.8.0† |
| 1.3.x, 1.4.x | 1.9.1, 1.8.0†, 1.7.0† | | 1.3.x, 1.4.x | 1.9.1, 1.8.0†, 1.7.0† |
!> **Security Note:** Envoy versions lower than 1.9.1 are vulnerable to ~> Note:
† Envoy versions lower than 1.9.1 are vulnerable to
[CVE-2019-9900](https://github.com/envoyproxy/envoy/issues/6434) and [CVE-2019-9900](https://github.com/envoyproxy/envoy/issues/6434) and
[CVE-2019-9901](https://github.com/envoyproxy/envoy/issues/6435). Both are [CVE-2019-9901](https://github.com/envoyproxy/envoy/issues/6435). Both are
related to HTTP request parsing and so only affect Consul Connect users if they related to HTTP request parsing and so only affect Consul Connect users if they
have configured HTTP routing rules via the ["escape have configured HTTP routing rules via the ["escape
hatch"](#custom-configuration). Still, we recommend that you use the most hatch"](#custom-configuration). Still, we recommend that you use the most
recent supported Envoy for your Consul version where possible. recent supported Envoy for your Consul version where possible.
* Envoy 1.10.0 requires setting [`-envoy-version`](https://www.consul.io/docs/commands/connect/envoy.html#envoy-version) in the `consul connect envoy` command. This was introduced in Consul 1.7.0.
## Getting Started ## Getting Started