From d0184c358019ecb0c7f63a09e8b70f1a7bbbea64 Mon Sep 17 00:00:00 2001
From: nfuden
Date: Mon, 8 Apr 2024 08:56:34 -0400
Subject: [PATCH 1/2] bazel: Update to a newer version of envoy-fork which bumps upstream envoy for HTTP2 continuation flood cve
---
 bazel/repository_locations.bzl | 4 ++--
 changelog/v1.26.8-patch1/envoy-bump.yaml | 8 ++++++++
 2 files changed, 10 insertions(+), 2 deletions(-)
 create mode 100644 changelog/v1.26.8-patch1/envoy-bump.yaml
diff --git a/bazel/repository_locations.bzl b/bazel/repository_locations.bzl
index 2bbdc0f3a..83e1bb49e 100644
--- a/bazel/repository_locations.bzl
+++ b/bazel/repository_locations.bzl
@@ -1,8 +1,8 @@
 REPOSITORY_LOCATIONS = dict(
 envoy = dict(
 # envoy 1.26.7 forked with extproc changes
- # sourced from release v1.26.7-fork1
- commit = "37f7ac716a3253001640ccb4a548d8dba0d6cf4f",
+ # sourced from release v1.26.8-fork1
+ commit = "f87a6143de75426bff63d0da4e9d4ed400b74a40",
 remote = "https://github.com/solo-io/envoy-fork",
 ),
 inja = dict(
diff --git a/changelog/v1.26.8-patch1/envoy-bump.yaml b/changelog/v1.26.8-patch1/envoy-bump.yaml
new file mode 100644
index 000000000..f5357d1cb
--- /dev/null
+++ b/changelog/v1.26.8-patch1/envoy-bump.yaml
@@ -0,0 +1,8 @@
+changelog:
+ - type: DEPENDENCY_BUMP
+ dependencyRepo: envoy
+ dependencyOwner: envoyproxy
+ dependencyTag: v1.26.8
+ description: >
+ Bump Envoy to v1.26.8 for our fork.
+ Tackles the http2 crazy cve CVE-2024-30255
From a067bdf2529e31905012e72d1bf8495c8d89ae88 Mon Sep 17 00:00:00 2001
From: nfuden
Date: Wed, 10 Apr 2024 13:17:26 -0400
Subject: [PATCH 2/2] changelog: add issuelink:
---
 changelog/v1.26.8-patch1/envoy-bump.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/changelog/v1.26.8-patch1/envoy-bump.yaml b/changelog/v1.26.8-patch1/envoy-bump.yaml
index f5357d1cb..c9deb5361 100644
--- a/changelog/v1.26.8-patch1/envoy-bump.yaml
+++ b/changelog/v1.26.8-patch1/envoy-bump.yaml
@@ -3,6 +3,7 @@ changelog:
 dependencyRepo: envoy
 dependencyOwner: envoyproxy
 dependencyTag: v1.26.8
+ issueLink: https://github.com/solo-io/solo-projects/issues/6008
 description: >
 Bump Envoy to v1.26.8 for our fork.
 Tackles the http2 crazy cve CVE-2024-30255