edit: security changelog #22995

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

dduzgun-security merged 1 commit into main from changelog/update-sec-v1.22

Oct 29, 2025

+11 −11

Collaborator

dduzgun-security commented Oct 28, 2025

Description

Upon internal discussion, we've decided to not issue a CVE for this fix. As mentioned in our security model, customers should enable ACLs and set the default policies to deny all. When proper Key/value rules are in place, the path traversal isn't allowed.

Testing & Reproduction steps

Links

PR Checklist

updated test coverage
external facing docs updated
appropriate backport labels added
not a security concern

PCI review checklist

I have documented a clear reason for, and description of, the change I am making.
If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
If applicable, I've documented the impact of any changes to security controls.

Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.


          edit security changelog

cfaafb0

dduzgun-security requested review from a team as code owners

October 28, 2025 20:41

github-actions bot added the type/docs label

vercel bot deployed to Preview – consul

October 28, 2025 20:43

View deployment

sanikachavan5 approved these changes

View reviewed changes

dduzgun-security added pr/no-changelog backport/all labels

dduzgun-security merged commit 8c01a95 into main

92 of 103 checks passed

hc-github-team-consul-core added backport/1.22 backport/ent/1.18 backport/ent/1.20 backport/ent/1.21 labels

hc-github-team-consul-core mentioned this pull request

Backport of edit: security changelog into release/1.22.x #23000

Merged

7 tasks

Collaborator

hc-github-team-consul-core commented Oct 30, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

14 similar comments

Collaborator

hc-github-team-consul-core commented Oct 31, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 1, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 2, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 3, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 4, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 5, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 7, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 8, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 9, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 10, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 11, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 12, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 13, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 14, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 15, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

25 similar comments

Collaborator

hc-github-team-consul-core commented Nov 16, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 17, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 18, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 19, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 20, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 21, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 22, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 23, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 24, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 25, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 26, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 27, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 28, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 29, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Nov 30, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 1, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 2, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 3, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 4, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 6, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 7, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 8, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 9, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 10, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Collaborator

hc-github-team-consul-core commented Dec 11, 2025

📣 Hi @dduzgun-security! a backport is missing for this PR [22995] for versions [1.18,1.20,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport/all backport/ent/1.18 backport/ent/1.20 backport/ent/1.21 backport/1.22 pr/no-changelog type/docs