1.22.1

This release note describes the changes of Solo builds between Istio versions 1.22.0 and 1.22.1.

Security Notice link

This build includes resolution of Istio Security Advisory 2024-004.

General link

This version was built against upstream Istio release 1.22.1.

• Backported a fix to not hardcode CA_TRUSTED_NODE_ACCOUNTS. istio/istio#51311
• Backported fix for potential CNI crash when attempting to remove a pod from the ambient mesh that was never added. istio/istio#51379
• Backported fix for false positives in IST0162 analyzer. istio/istio#513856
• Backported the addition of gateways.securityContext option to custom gateways. istio/isito#51386
• Backported fix for pilot deleting ServiceEntries twice. istio/istio#51284
• For solo ambient revision support, fix issue where helm installs would collide over ztunnel service accounts.
• For solo ambient revision support, allow default revision to be configurable.
• For solo ambient revision support, fixed handling of pods where the old revision tag is bad or already terminated.