1.20.2 (February 22, 2022)

Bug fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

• data plane: fix crash when internal redirect selects a route configured with direct response or redirect actions.

• jwt_authn: fixed the crash when a CONNECT request is sent to JWT filter configured with regex match on the Host header.

• tcp_proxy: fix a crash that occurs when configured for upstream tunneling and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established.

• upstream: fix stack overflow when a cluster with large number of idle connections is removed.

New features

• tls: added support for match_typed_subject_alt_names for subject alternative names to enforce specifying the subject alternative name type for the matcher to prevent matching against an unintended type in the certificate.

Deprecated

• tls: match_subject_alt_names has been deprecated in favor of the match_typed_subject_alt_names.