Service Mesh Istio
Envoy proxy & GetEnvoy, Istio, Open Source, Security

Istio and Envoy Security Advisories

September 29, 2020 — The Envoy Product Security Team (PST) announced  the availability of a security fix and a series of patches for Envoy versions 1.12,1.13, 1.14 and 1.15 to address two high-risk vulnerabilities related to header values and HTTP URL paths. In response to CVE-2020-25017. Additionally the Istio community recommends users to upgrade to 1.6.11+ for 1.6.x deployments or 1.7.3 or later for 1.7.x deployments.

Read More
Istio, Tetrate

What’s new in Istio 1.7? VM Identity, simplified cert management and more!

Istio, the leading Open Source service mesh offering, today announced the general availability of their 1.7 release. The new features make it easier to bootstrap clusters and to maintain their own versions of software add-ons like Prometheus and Jaeger.

Istio’s 1.7 release was highly anticipated because of its focus on extending the mesh to work in virtual machine-based cloud environments. Tetrate was founded to solve this problem and has been solving this problem for the past year in partnership with customers in real deployments. In the 1.6 release, we expanded the mesh to include the VM environment while the 1.7 release, managed by Tetrate’s Cynthia Coan, addressed the gap of needing a verifiable identity for the VM.

Read More