upstream/packer
1
0
Fork 0
mirror of https://github.com/hashicorp/packer.git synced 2026-06-09 08:42:33 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
packer/.release
History
Lucas Bajolet 783d5113ba release: ignore AWS SDK vulnerability for release 
The reported AWS S3 vulnerability was inherited from the go-getter
module that Packer uses for downloading files from external sources.

This vulnerability only impacts S3 uploads, therefore Packer is not
vulnerable itself as go-getter only downloads such blobs.

Since the change required to fix this advisory would be to bump the AWS
SDK to v2, this being a major change, is not something to do lightly, so
we opted to ignore this advisory for now so it doesn't block upcoming
releases.
2025-01-06 15:12:19 -05:00
..
docker Add LICENSE details to Docker release binaries 2024-04-16 13:04:48 -04:00
ci.hcl Enable ci builds for feature branches 2024-07-24 16:43:10 -04:00
packer-artifacts.hcl Add artifacts manifest (automatically generated) (#13132) 2024-08-05 14:02:39 -04:00
release-metadata.hcl [COMPLIANCE] License changes (#12568) 2023-08-10 15:53:29 -07:00
security-scan.hcl release: ignore AWS SDK vulnerability for release 2025-01-06 15:12:19 -05:00