[release-1.5] Release notes v1.5.6 (#7668)

jukie · web-flow · commit a729ae342d71 · 2025-12-04T23:07:20.000-07:00
* Release notes

Signed-off-by: jukie &lt;10012479+jukie@users.noreply.github.com&gt;

* Updates

Signed-off-by: jukie &lt;10012479+jukie@users.noreply.github.com&gt;

---------

Signed-off-by: jukie &lt;10012479+jukie@users.noreply.github.com&gt;
diff --git a/release-notes/v1.5.6.yaml b/release-notes/v1.5.6.yaml
@@ -0,0 +1,30 @@
+date: December 4, 2025
+
+# Changes that are expected to cause an incompatibility with previous versions, such as deletions or modifications to existing APIs.
+breaking changes: |
+
+# Updates addressing vulnerabilities, security flaws, or compliance requirements.
+security updates: |
+  Patches for EnvoyProxy CVE-2025-64527, CVE-2025-66220, and CVE-2025-64763. Ref https://github.com/envoyproxy/envoy/releases/tag/v1.35.7
+
+# New features or capabilities added in this release.
+new features: |
+
+bug fixes: |
+  Fixed xDS snapshot cache to clear snapshots when streams close, preventing proxies from receiving stale configuration after reconnection.
+  Fixed configured OIDC authorization endpoint being overridden by discovered endpoints from issuer's well-known URL.
+  Fixed an issue with gateway ownership tracking when running multiple controllers.
+  Fixed default namespace handling when namespace is unset.
+  Fixed a bug where HTTPRoutes referencing gateways with multiple different GatewayClasses would have incomplete status conditions.
+  Fixed gateway status to treat too many addresses as programmed.
+
+# Enhancements that improve performance.
+performance improvements: |
+
+# Deprecated features or APIs.
+deprecations: |
+
+# Other notable changes not covered by the above sections.
+Other changes: |
+  Added disk space reclamation script for CI runners to prevent out-of-disk errors.
+  Bumped golang.org/x/crypto dependency.
