Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

changelog and version #21105

Merged
merged 4 commits into from
May 15, 2024
Merged

changelog and version #21105

merged 4 commits into from
May 15, 2024

Conversation

xwa153
Copy link
Member

@xwa153 xwa153 commented May 14, 2024

Description

Testing & Reproduction steps

Links

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern

@xwa153 xwa153 self-assigned this May 14, 2024
@xwa153 xwa153 changed the base branch from release/1.18.x to release/1.18.2 May 14, 2024 17:55
@xwa153 xwa153 changed the base branch from release/1.18.2 to release/1.18.x May 14, 2024 23:44
sarahalsmiller
sarahalsmiller reviewed May 15, 2024
View reviewed changes
CHANGELOG.md Outdated
* Upgrade Go to use 1.21.10. This addresses CVEs
[CVE-2024-24787](https://nvd.nist.gov/vuln/detail/CVE-2024-24787) and
[CVE-2024-24788](https://nvd.nist.gov/vuln/detail/CVE-2024-24788) [[GH-21074](https://github.com/hashicorp/consul/issues/21074)]
* Upgrade to support Envoy `1.26.8, 1.27.4, and 1.28.2`. This resolves CVE
Copy link
Member

@sarahalsmiller sarahalsmiller May 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe we typically collapse this line and the previous line so all the notes about upgrade envoy support are on the same line.

sarahalsmiller
sarahalsmiller reviewed May 15, 2024
View reviewed changes
CHANGELOG.md Outdated
Comment on lines 13 to 16
* Upgrade to support Envoy `1.26.8, 1.27.4, and 1.28.2`. This resolves CVE
[CVE-2024-27919](https://nvd.nist.gov/vuln/detail/CVE-2024-27919) (`http2`). [[GH-20956](https://github.com/hashicorp/consul/issues/20956)]
* Upgrade to support Envoy `1.27.5 and 1.28.3`. This resolves CVE
[CVE-2024-32475](https://nvd.nist.gov/vuln/detail/CVE-2024-32475) (`auto_sni`). [[GH-21034](https://github.com/hashicorp/consul/issues/21034)]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Upgrade to support Envoy `1.26.8, 1.27.4, and 1.28.2`. This resolves CVE
[CVE-2024-27919](https://nvd.nist.gov/vuln/detail/CVE-2024-27919) (`http2`). [[GH-20956](https://github.com/hashicorp/consul/issues/20956)]
* Upgrade to support Envoy `1.27.5 and 1.28.3`. This resolves CVE
[CVE-2024-32475](https://nvd.nist.gov/vuln/detail/CVE-2024-32475) (`auto_sni`). [[GH-21034](https://github.com/hashicorp/consul/issues/21034)]
* Upgrade to support Envoy `1.26.8, 1.27.4, 1.27.5, 1.28.2 and 1.28.3`. This resolves CVEs
[CVE-2024-27919](https://nvd.nist.gov/vuln/detail/CVE-2024-27919) (`http2`). [[GH-20956](https://github.com/hashicorp/consul/issues/20956)] and [CVE-2024-32475](https://nvd.nist.gov/vuln/detail/CVE-2024-32475) (`auto_sni`). [[GH-21030](https://github.com/hashicorp/consul/issues/21030)]

@xwa153 xwa153 enabled auto-merge (squash) May 15, 2024 17:00
@xwa153 xwa153 merged commit e0bbab1 into release/1.18.x May 15, 2024
83 checks passed
@xwa153 xwa153 deleted the xw/changelog-1.18.2 branch May 15, 2024 17:19
sarahalsmiller pushed a commit that referenced this pull request May 16, 2024
@xwa153 @sarahalsmiller
changelog and version (#21105)
6d93d1b 
* update changelog
sarahalsmiller added a commit that referenced this pull request May 16, 2024
@sarahalsmiller @xwa153
1.18.2 Release manual backport (#21129)
0dbf501 
* changelog and version (#21105)

* update changelog

* try with release engineering optional clean flag (#21126)

* Release use releng branch (#21127)

* try with release engineering optional clean flag

* rename to branch name without slash

---------

Co-authored-by: wangxinyi7 <xinyi.wang@hashicorp.com>
sarahalsmiller added a commit that referenced this pull request May 16, 2024
@sarahalsmiller @xwa153
@hc-github-team-consul-core @DanStough
Release manual backport (#21130)
9fc827c 
* changelog and version (#21105)

* update changelog

* try with release engineering optional clean flag (#21126)

* Release use releng branch (#21127)

* try with release engineering optional clean flag

* rename to branch name without slash

* Backport of build: update gha to latest approved tsccr into release/1.18.x (#21106)

* backport of commit 10baa43

* backport of commit cc7b109

* backport of commit 640ba3a

---------

Co-authored-by: DanStough <dan.stough@hashicorp.com>

---------

Co-authored-by: wangxinyi7 <xinyi.wang@hashicorp.com>
Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com>
Co-authored-by: DanStough <dan.stough@hashicorp.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sarahalsmiller sarahalsmiller sarahalsmiller left review comments

@blake blake blake approved these changes

@david-yu david-yu Awaiting requested review from david-yu

Assignees

@xwa153 xwa153

Labels
pr/no-backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@xwa153 @blake @sarahalsmiller