chore(deps): update dependency envoyproxy/envoy to v1.36.3

[renovate]

This PR contains the following updates:

Package	Update	Change	OpenSSF
envoyproxy/envoy	patch	v1.36.2 -> v1.36.3

---

Release Notes

envoyproxy/envoy (envoyproxy/envoy)

v1.36.3

Compare Source

Summary of changes:

• Security fixes:
  • CVE-2025-64527: Envoy crashes when JWT authentication is configured with the remote JWKS fetching
  • CVE-2025-66220: TLS certificate matcher for match_typed_subject_alt_names may incorrectly treat certificates containing an embedded null byte
  • CVE-2025-64763: Potential request smuggling from early data after the CONNECT upgrade

Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.36.3
Docs:
https://www.envoyproxy.io/docs/envoy/v1.36.3/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.36.3/version_history/v1.36/v1.36.3
Full changelog:
envoyproxy/envoy@v1.36.2...v1.36.3

Signed-off-by: Ryan Northey [email protected]
Signed-off-by: Boteng Yao [email protected]

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.