Skip to content

fix: Unable to use http_interface with Proxmox provider hashicorp/packer#10369 #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
azr merged 1 commit into from
Jan 4, 2021
Merged

fix: Unable to use http_interface with Proxmox provider hashicorp/packer#10369 #2

azr merged 1 commit into from
Jan 4, 2021

Conversation

@blz-ea
Copy link

@blz-ea blz-ea commented Jan 1, 2021
edited
Loading

azr
azr approved these changes Jan 4, 2021
View reviewed changes
Copy link
Contributor

@azr azr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@azr azr merged commit 17601a2 into hashicorp:main Jan 4, 2021
nywilken added a commit that referenced this pull request Oct 2, 2023
@nywilken
Bump Go tool chain to 1.20
597703b 
This change was made to address a number of vulnerabilities reported by
govulncheck

```
~>  govulncheck ./...
Scanning your code and 599 packages across 99 dependent modules for known vulnerabilities...

Vulnerability #1: GO-2023-2043
    Improper handling of special tags within script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2043
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Vulnerability #2: GO-2023-2041
    Improper handling of HTML-like comments in script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2041
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Your code is affected by 2 vulnerabilities from the Go standard library.

```
nywilken added a commit that referenced this pull request Oct 2, 2023
@nywilken
Bump Go tool chain to 1.20
fd541be 
This change was made to address a number of vulnerabilities reported by govulncheck in Go 1.19.13
Support for Go1.19 is removed with this change. Moving forward the minimum Go version will be bumped after a
new Go minor version is released.

```
~>  govulncheck ./...
Scanning your code and 599 packages across 99 dependent modules for known vulnerabilities...

Vulnerability #1: GO-2023-2043
    Improper handling of special tags within script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2043
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Vulnerability #2: GO-2023-2041
    Improper handling of HTML-like comments in script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2041
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Your code is affected by 2 vulnerabilities from the Go standard library.

```
nywilken added a commit that referenced this pull request Oct 13, 2023
@nywilken
Bump Go tool chain to 1.20
2ed94e4 
This change was made to address a number of vulnerabilities reported by govulncheck in Go 1.19.13
Support for Go1.19 is removed with this change. Moving forward the minimum Go version will be bumped after a
new Go minor version is released.

```
~>  govulncheck ./...
Scanning your code and 599 packages across 99 dependent modules for known vulnerabilities...

Vulnerability #1: GO-2023-2043
    Improper handling of special tags within script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2043
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Vulnerability #2: GO-2023-2041
    Improper handling of HTML-like comments in script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2041
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Your code is affected by 2 vulnerabilities from the Go standard library.

```
nywilken added a commit that referenced this pull request Oct 16, 2023
@nywilken
Bump Go tool chain to 1.20
7128c8a 
This change was made to address a number of vulnerabilities reported by govulncheck in Go 1.19.13
Support for Go1.19 is removed with this change. Moving forward the minimum Go version will be bumped after a
new Go minor version is released.

```
~>  govulncheck ./...
Scanning your code and 599 packages across 99 dependent modules for known vulnerabilities...

Vulnerability #1: GO-2023-2043
    Improper handling of special tags within script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2043
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Vulnerability #2: GO-2023-2041
    Improper handling of HTML-like comments in script contexts in html/template
  More info: https://pkg.go.dev/vuln/GO-2023-2041
  Standard library
    Found in: html/[email protected]
    Fixed in: html/[email protected]
    Example traces found:
      #1: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.Execute
      #2: multistep/commonsteps/step_http_server.go:123:2: commonsteps.StepHTTPServer.Run calls http.Server.Serve, which eventually calls template.Template.ExecuteTemplate

Your code is affected by 2 vulnerabilities from the Go standard library.

```
nywilken pushed a commit that referenced this pull request Jun 14, 2024
Bump google.golang.org/[email protected]
0085a26 
```
~>  govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2024-2611
    Infinite loop in JSON unmarshaling in google.golang.org/protobuf
  More info: https://pkg.go.dev/vuln/GO-2024-2611
  Module: google.golang.org/protobuf
    Found in: google.golang.org/[email protected]
    Fixed in: google.golang.org/[email protected]
    Example traces found:
      #1: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls json.Decoder.Peek
      #2: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls json.Decoder.Read
      #3: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls protojson.Unmarshal
```
nywilken pushed a commit that referenced this pull request Jun 14, 2024
Bump google.golang.org/[email protected]
8275bfc 
```
~>  govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2024-2611
    Infinite loop in JSON unmarshaling in google.golang.org/protobuf
  More info: https://pkg.go.dev/vuln/GO-2024-2611
  Module: google.golang.org/protobuf
    Found in: google.golang.org/[email protected]
    Fixed in: google.golang.org/[email protected]
    Example traces found:
      #1: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls json.Decoder.Peek
      #2: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls json.Decoder.Read
      #3: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls protojson.Unmarshal
```
nywilken pushed a commit that referenced this pull request Jun 14, 2024
@nywilken
Bump google.golang.org/[email protected]
da5ece9 
```
~>  govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2024-2611
    Infinite loop in JSON unmarshaling in google.golang.org/protobuf
  More info: https://pkg.go.dev/vuln/GO-2024-2611
  Module: google.golang.org/protobuf
    Found in: google.golang.org/[email protected]
    Fixed in: google.golang.org/[email protected]
    Example traces found:
      #1: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls json.Decoder.Peek
      #2: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls json.Decoder.Read
      #3: sdk-internals/communicator/winrm/communicator.go:238:22: winrm.Base64Pipe.ReadFrom calls io.ReadAll, which eventually calls protojson.Unmarshal
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@azr azr azr approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unable to use http_interface with Proxmox provider

2 participants

@blz-ea @azr