suppressing vulnerability GO-2022-0635 for release (#4453)

* updated consul-dataplane version to 1.6.2, executed go mod tidy and added CHANGELOG.md * updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333 * updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333 in CNI, acceptance and control-plane submodule. * added CHANGELOG.md * suppressing vulnerability GO-2022-0635 for release
hashicorp · Jan 8, 2025 · 89d4f70 · 89d4f70
1 parent 05989a9
commit 89d4f70
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
@@ -40,7 +40,8 @@ binary {
         "GHSA-r53h-jv2g-vpx6", 
         "CVE-2024-26147", # alias
         "GHSA-jw44-4f3j-q396", # Tracked in NET-8174
-        "CVE-2019-25210" # alias
+        "CVE-2019-25210", # alias
+        "GO-2022-0635"
       ]
     }
   }