Summary: | <app-admin/terraform-1.2.2: bundles vulnerable go-getter | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | williamh, zlogene |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://discuss.hashicorp.com/t/hcsec-2022-13-multiple-vulnerabilities-in-go-getter-library/39930 | ||
Whiteboard: | B2 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-05-28 22:39:08 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa26e16b7363bec0c99a1cd145db4d1e474c883b commit aa26e16b7363bec0c99a1cd145db4d1e474c883b Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-06-22 19:30:29 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-06-22 19:31:59 +0000 app-admin/terraform: stabilize 1.2.2 for amd64 Bug: https://bugs.gentoo.org/847988 Signed-off-by: William Hubbs <williamh@gentoo.org> app-admin/terraform/terraform-1.2.2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=03e7a1c9d769adc424f2004394ee9cef010bdfea commit 03e7a1c9d769adc424f2004394ee9cef010bdfea Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-06-22 19:41:23 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-06-22 19:42:16 +0000 app-admin/terraform: drop vulnerable versions Bug: https://bugs.gentoo.org/847988 Closes: https://bugs.gentoo.org/844283 Signed-off-by: William Hubbs <williamh@gentoo.org> app-admin/terraform/Manifest | 1474 -------------------------- app-admin/terraform/terraform-0.14.10.ebuild | 961 ----------------- app-admin/terraform/terraform-0.14.11.ebuild | 34 - app-admin/terraform/terraform-0.15.5.ebuild | 1075 ------------------- app-admin/terraform/terraform-1.0.1.ebuild | 1075 ------------------- app-admin/terraform/terraform-1.0.10.ebuild | 1091 ------------------- app-admin/terraform/terraform-1.0.3.ebuild | 1089 ------------------- app-admin/terraform/terraform-1.0.4.ebuild | 1089 ------------------- app-admin/terraform/terraform-1.0.5.ebuild | 1085 ------------------- app-admin/terraform/terraform-1.0.6.ebuild | 1091 ------------------- app-admin/terraform/terraform-1.0.7.ebuild | 1091 ------------------- app-admin/terraform/terraform-1.0.8.ebuild | 1091 ------------------- app-admin/terraform/terraform-1.0.9.ebuild | 1091 ------------------- app-admin/terraform/terraform-1.1.2.ebuild | 1217 --------------------- app-admin/terraform/terraform-1.1.5.ebuild | 1217 --------------------- app-admin/terraform/terraform-1.1.7.ebuild | 32 - 16 files changed, 15803 deletions(-) Thanks! It doesn't seem terraform is actually vulnerable here (hashicorp never put out an advisory for it), but we're fixed now anyway. |