v1.2.4

Updated Envoy Gateway to v1.2.7

Security Updates

• Fixed vulnerability CVE-2025-25294, which made the default access logging vulnerable to log injection attacks. For more details, refer to GHSA-mf24-chxh-hmvj.

Bug Fixes

• Fixed translating of backendSettings for extAuth.
• Fixed allowing weights to be zero on endpoints for backendRefs in TCPRoute and UDPRoute.
• Fixed validation of all xDS resources before sending them to the Envoy fleet.
• Added support for Secret and ConfigMap parsing in Standalone mode.