ReleaseBytes
gcp Google Cloud release notes ·

Cloud Service Mesh Security Patch Releases and Gateway API Update

securityinfragcpengineer
security

Multiple patch releases for Cloud Service Mesh (versions 1.29.5-asm.5, 1.28.9-asm.4, and 1.27.9-asm.9) address security vulnerabilities including GCP-2026-045. Additionally, a new Security Proxy version (csm_mesh_proxy.csm_mesh_proxy.20260624e_RC01) for Gateway API on GKE clusters fixes vulnerabilities listed in GCP-2026-040. These updates are critical for maintaining the security posture of in-cluster Cloud Service Mesh deployments and GKE Gateway API users.

  • 1.29.5-asm.5 is now available for in-cluster Cloud Service Mesh.
  • 1.28.9-asm.4 is now available for in-cluster Cloud Service Mesh.
  • 1.27.9-asm.9 is now available for in-cluster Cloud Service Mesh.
Security (4)
  • Cloud Service Mesh 1.29.5-asm.5 is now available for in-cluster Cloud Service Mesh.

    1.29.5-asm.5 is now available for in-cluster Cloud Service Mesh. This patch release contains the fix for the security vulnerability listed in GCP-2026-045 . For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh . Cloud Service Mesh 1.29.5-asm.5 uses Envoy v1.37.5.

    GCP-2026-045Upgrade Cloud Service Mesh
  • Cloud Service Mesh 1.28.9-asm.4 is now available for in-cluster Cloud Service Mesh.

    1.28.9-asm.4 is now available for in-cluster Cloud Service Mesh. This patch release contains the fix for the security vulnerability listed in GCP-2026-045 . For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh . Cloud Service Mesh 1.28.9-asm.4 uses Envoy v1.36.9.

    GCP-2026-045Upgrade Cloud Service Mesh
  • Cloud Service Mesh 1.27.9-asm.9 is now available for in-cluster Cloud Service Mesh.

    1.27.9-asm.9 is now available for in-cluster Cloud Service Mesh. This patch release contains the fix for the security vulnerability listed in GCP-2026-045 . For details on upgrading Cloud Service Mesh, see Upgrade Cloud Service Mesh . Cloud Service Mesh 1.27.9-asm.9 uses Envoy v1.35.13.

    GCP-2026-045Upgrade Cloud Service Mesh
  • Cloud Service Mesh

    Proxy version csm_mesh_proxy.csm_mesh_proxy.20260624e_RC01 for Gateway API on GKE clusters is rolling out to all Managed Cloud Service Mesh release channels over the next week. This patch release contains the fixes for the security vulnerabilities listed in GCP-2026-040 .

    GCP-2026-040
Read the original announcement →

https://docs.cloud.google.com/release-notes#June_29_2026