On this page
1.25.5-patch4
Solo build of Istio version 1.25.5-patch4 patch release.
This release note describes what’s different between Solo builds of Istio versions 1.25.5-patch3 and 1.25.5-patch4.
Security Notice
- CVE-2025-61732 (CVSS score 8.6, High): A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
- CVE-2025-68121 (CVSS score 4.8, Moderate): A flaw in
crypto/tlssession resumption allows resumed handshakes to succeed when they should fail if ClientCAs or RootCAs are mutated between the initial and resumed handshake. This can occur when usingConfig.Clonewith mutations orConfig.GetConfigForClient. As a result, clients may resume sessions with unintended servers, and servers may resume sessions with unintended clients.
Solo Flavor Changes
No changes in this section.
FIPS Flavor Changes
No changes in this section.