Skip to content

Commit

Permalink
backport of commit c332574
Browse files Browse the repository at this point in the history
  • Loading branch information
sarahalsmiller committed Dec 18, 2024
1 parent 3df3d08 commit 68509e1
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -52,11 +52,11 @@ SECURITY:
* Explicitly set 'Content-Type' header to mitigate XSS vulnerability. [[GH-21704](https://github.com/hashicorp/consul/issues/21704)]
* Implement HTML sanitization for user-generated content to prevent XSS attacks in the UI. [[GH-21711](https://github.com/hashicorp/consul/issues/21711)]
* UI: Remove codemirror linting due to package dependency [[GH-21726](https://github.com/hashicorp/consul/issues/21726)]
* Upgrade Go to use 1.22.7. This addresses CVE
[CVE-2024-34155](https://nvd.nist.gov/vuln/detail/CVE-2024-34155) [[GH-21705](https://github.com/hashicorp/consul/issues/21705)]
* Upgrade Go to use 1.22.7. This addresses CVE
[CVE-2024-34155](https://nvd.nist.gov/vuln/detail/CVE-2024-34155) [[GH-21705](https://github.com/hashicorp/consul/issues/21705)]
* Upgrade to support aws/aws-sdk-go `v1.55.5 or higher`. This resolves CVEs
[CVE-2020-8911](https://nvd.nist.gov/vuln/detail/cve-2020-8911) and
[CVE-2020-8912](https://nvd.nist.gov/vuln/detail/cve-2020-8912). [[GH-21684](https://github.com/hashicorp/consul/issues/21684)]
[CVE-2020-8911](https://nvd.nist.gov/vuln/detail/cve-2020-8911) and
[CVE-2020-8912](https://nvd.nist.gov/vuln/detail/cve-2020-8912). [[GH-21684](https://github.com/hashicorp/consul/issues/21684)]
* ui: Pin a newer resolution of Braces [[GH-21710](https://github.com/hashicorp/consul/issues/21710)]
* ui: Pin a newer resolution of Codemirror [[GH-21715](https://github.com/hashicorp/consul/issues/21715)]
* ui: Pin a newer resolution of Markdown-it [[GH-21717](https://github.com/hashicorp/consul/issues/21717)]
Expand Down

0 comments on commit 68509e1

Please sign in to comment.