mirror of
https://github.com/opentffoundation/opentf.git
synced 2025-12-19 17:59:05 -05:00
f6c6a88fe8
This this includes some security fixes that don't impact Terraform along with a number of general improvements and fixes in the Go toolchain that don't appear to affect Terraform behavior. - URL parsing (such as in the "source" argument in a "module" block) now validates more strictly the port portion, rejecting non-numeric ports. Previously this could potentially lead to parts of the URL being silently ignored. - The temporary callback server for the forthcoming OAuth client implementation in "terraform login" would otherwise have been vulnerable to local (on the same host) denial of service attacks, which is not a common attack vector but good to fix anyway.
2 lines
7 B
Plaintext
2 lines
7 B
Plaintext
1.12.8
|