.. _version_history_1.26.2:

1.26.2 (June 5, 2023)
======================






Bug fixes
---------

*Changes expected to improve the state of the world and are unlikely to have negative effects*



* **boringssl**: Fixed the crash that occurs when contrib is compiled with ``boringssl=fips`` defined.
* **dependency**: update C-ares -> 1.91.1 to resolve:

  - `CVE-2023-31130 <https://nvd.nist.gov/vuln/detail/CVE-2023-31130>`_.
  - `CVE-2023-31147 <https://nvd.nist.gov/vuln/detail/CVE-2023-31147>`_.
  - `CVE-2023-31124 <https://nvd.nist.gov/vuln/detail/CVE-2023-31124>`_.
  - `CVE-2023-32067 <https://nvd.nist.gov/vuln/detail/CVE-2023-32067>`_.
* **dependency**: update Wasmtime and related deps -> 9.0.3 to resolve
  `CVE-2023-30624 <https://nvd.nist.gov/vuln/detail/CVE-2023-30624>`_.
* **ext_authz**: Fix a bug where the ext_authz filter will ignore the request body when the
  :ref:`pack_as_bytes <v1.26:envoy_v3_api_field_extensions.filters.http.ext_authz.v3.BufferSettings.pack_as_bytes>` is set to true and
  HTTP authorization service is configured.