Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required
Changes that may cause incompatibilities for some users, but should not for most
Changes expected to improve the state of the world and are unlikely to have negative effects
- jwt_authn: reject requests with a proper error if JWT has the wrong issuer when allow_missing is used. Before this change, the requests are accepted.
- overload: fix a bug that can cause use-after-free when one scaled timer disables another one with the same duration.
Normally occurs at the end of the :ref:`deprecation period <v1.17:deprecated>`