Skip to content

Release/0.13.4 #383

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Release/0.13.4 #383

wants to merge 10 commits into from

Conversation

@sanikachavan5
Copy link
Contributor

@sanikachavan5 sanikachavan5 commented Aug 21, 2025

PCI review checklist

  • I have documented a clear reason for, and description of, the change I am making.

  • If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

  • If applicable, I've documented the impact of any changes to security controls.

    Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

@sanikachavan5 sanikachavan5 requested review from a team as code owners August 21, 2025 08:20
sreeram77
sreeram77 requested changes Aug 21, 2025
View reviewed changes
CHANGELOG.md Outdated
## v0.13.4 (Aug 21, 2025)

SECURITY:
* Critical Golang vulnerabilities (CVE-2025-22869, CVE-2025-22871) in v0.13.3 [[GH-380](https://github.com/hashicorp/envconsul/pull/380)]
Copy link
Member

@sreeram77 sreeram77 Aug 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Critical Golang vulnerabilities (CVE-2025-22869, CVE-2025-22871) in v0.13.3 [[GH-380](https://github.com/hashicorp/envconsul/pull/380)]
* fix: critical Golang vulnerabilities (CVE-2025-22869, CVE-2025-22871) [[GH-380](https://github.com/hashicorp/envconsul/pull/380)]

sujay-hashicorp
sujay-hashicorp requested changes Aug 21, 2025
View reviewed changes
.release/security-scan.hcl
"CVE-2025-46394" # fix unavailable at time of writing
]
}
}
Copy link
Contributor

@sujay-hashicorp sujay-hashicorp Aug 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove these suppression, we don't need to merge suppression in main branch. only CHANGELOG is needed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sujay-hashicorp sujay-hashicorp sujay-hashicorp requested changes

@sreeram77 sreeram77 sreeram77 approved these changes

@sarahethompson sarahethompson Awaiting requested review from sarahethompson sarahethompson was automatically assigned from hashicorp/team-selfmanaged-releng

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sanikachavan5 @sreeram77 @sujay-hashicorp