Envoy
v1.37.4Networking & MessagingEnvoy v1.37.4 is a small patch with one RTDS bug fix and two opt-in HTTP/2 cookie-related observability/safety features. No security CVEs.
breakingRTDS override deletion behavior changed — verify runtime guard state
If your deployments rely on RTDS to manage runtime guard overrides, the old behavior left stale override values after deletion. The fix now restores the process-wide default. Check that your expected default values are actually what you want after an override is removed, especially if you were working around the old broken behavior.
enhancementUse the new cookie size limit to protect against oversized cookie headers
HTTP/2 reassembled cookie headers had no size cap before this release. If you proxy untrusted HTTP/2 clients, set envoy.reloadable_features.http2_max_cookies_size_in_kb to a reasonable limit (e.g., 32–64 KB) to prevent unexpectedly large cookie payloads from reaching upstreams. The default remains unlimited, so this requires an explicit opt-in.
enhancementEnable HTTP/2 header histograms in staging to baseline your traffic
The new envoy.reloadable_features.http2_record_histograms flag adds histograms for header count, map byte size, and cookie metrics. These are useful for understanding HTTP/2 header pressure in your fleet. Enable in a non-production environment first — note these metrics will be removed in a future Envoy release, so don't build long-term dashboards around them.
主な変更 (4)
- RTDS bug fix: deleting a runtime guard override now correctly falls back to the process-wide default instead of leaving a stale value
- New opt-in HTTP/2 header histograms (header count, byte size, cookie length/count) — enable via envoy.reloadable_features.http2_record_histograms
- New runtime flag envoy.reloadable_features.http2_max_cookies_size_in_kb to cap reassembled cookie header size (disabled/unlimited by default)
- HTTP/2 header histograms are explicitly temporary — they will be removed in a future release