[release/v1.4] release notes and verion (#7244)

shawnh2 · web-flow · commit b5c92163d28b · 2025-10-20T21:30:59.000+08:00
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-v1.4.4
+v1.4.5
diff --git a/release-notes/v1.4.5.yaml b/release-notes/v1.4.5.yaml
@@ -0,0 +1,13 @@
+date: October 17, 2025
+
+security updates: |
+  Bumped golang to 1.24.9 to fix the crypto/x509 reggression.
+
+bug fixes: |
+  Added a check to ensure that per proxy xds snapshot cache references are cleaned up when the connection is closed.
+  Fixed an issue where use GRPCRoute with RequestMirror cause panic.
+  Fixed an issue where certificate SAN overlap detection in gateway listeners.
+  Disabled the default emission of `x-envoy-ratelimited` headers from the rate limit filter and re-enable with the `enableEnvoyHeaders` setting in ClientTrafficPolicy.
+
+other changes: |
+  Updated Envoy Proxy to v1.34.10.
diff --git a/site/content/en/news/releases/notes/v1.4.5.md b/site/content/en/news/releases/notes/v1.4.5.md
@@ -0,0 +1,21 @@
+---
+title: "v1.4.5"
+publishdate: 2025-10-17
+---
+
+Date: October 15, 2025
+
+## Security updates
+
+- Bumped golang to 1.24.9 to fix the crypto/x509 reggression.
+
+## Bug fixes
+
+- Added a check to ensure that per proxy xds snapshot cache references are cleaned up when the connection is closed.
+- Fixed an issue where use GRPCRoute with RequestMirror cause panic.
+- Fixed an issue where certificate SAN overlap detection in gateway listeners.
+- Disabled the default emission of `x-envoy-ratelimited` headers from the rate limit filter and re-enable with the `enableEnvoyHeaders` setting in ClientTrafficPolicy.
+
+## Other changes
+
+- Updated Envoy Proxy to v1.34.10.
