AU-dotnet: 3 updated

[skip ci]
flcdrg · Oct 31, 2024 · 7e0f9ab · 7e0f9ab
1 parent 457ab6b
commit 7e0f9ab
Show file tree

Hide file tree

Showing 7 changed files with 24 additions and 241 deletions.
diff --git a/consul/consul.nuspec b/consul/consul.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd">
   <metadata>
     <id>consul</id>
-    <version>1.20.0</version>
+    <version>1.20.1</version>
     <title>Consul</title>
     <authors>Mitchell Hashimoto, Armon Dadgar, HashiCorp</authors>
     <owners>cleung2010, flcdrg</owners>
@@ -30,36 +30,21 @@ For example:
  * `--params="'/agentargs=""-config-file %PROGRAMDATA%\consul\dsc-config\default.json -client 10.0.0.1""'"` (be cautious of quotes)
 
 For setting Consul agent CLI options, it is better dropping a `config.hcl` into `%PROGRAMDATA%\consul\config` instead of setting them with package parameters.
-    </description><releaseNotes><![CDATA[### 1.20.0 (October 14, 2024)
+    </description><releaseNotes><![CDATA[### 1.20.1 (October 29, 2024)
+BREAKING CHANGES:
 
-SECURITY:
-
-* Explicitly set 'Content-Type' header to mitigate XSS vulnerability. [[GH-21704](https://github.com/hashicorp/consul/issues/21704)]
-* Implement HTML sanitization for user-generated content to prevent XSS attacks in the UI. [[GH-21711](https://github.com/hashicorp/consul/issues/21711)]
-* UI: Remove codemirror linting due to package dependency [[GH-21726](https://github.com/hashicorp/consul/issues/21726)]
-* Upgrade Go to use 1.22.7. This addresses CVE 
-[CVE-2024-34155](https://nvd.nist.gov/vuln/detail/CVE-2024-34155) [[GH-21705](https://github.com/hashicorp/consul/issues/21705)]
-* Upgrade to support aws/aws-sdk-go `v1.55.5 or higher`. This resolves CVEs
-[CVE-2020-8911](https://nvd.nist.gov/vuln/detail/cve-2020-8911) and 
-[CVE-2020-8912](https://nvd.nist.gov/vuln/detail/cve-2020-8912). [[GH-21684](https://github.com/hashicorp/consul/issues/21684)]
-* ui: Pin a newer resolution of Braces [[GH-21710](https://github.com/hashicorp/consul/issues/21710)]
-* ui: Pin a newer resolution of Codemirror [[GH-21715](https://github.com/hashicorp/consul/issues/21715)]
-* ui: Pin a newer resolution of Markdown-it [[GH-21717](https://github.com/hashicorp/consul/issues/21717)]
-* ui: Pin a newer resolution of ansi-html [[GH-21735](https://github.com/hashicorp/consul/issues/21735)]
+* mesh: Enable Envoy `HttpConnectionManager.normalize_path` by default on inbound traffic to mesh proxies. This resolves [CVE-2024-10005](https://nvd.nist.gov/vuln/detail/CVE-2024-10005). [[GH-21816](https://github.com/hashicorp/consul/issues/21816)]
 
-FEATURES:
+SECURITY:
 
-* grafana: added the dashboards service-to-service dashboard, service dashboard, and consul dataplane dashboard [[GH-21806](https://github.com/hashicorp/consul/issues/21806)]
-* server: remove v2 tenancy, catalog, and mesh experiments [[GH-21592](https://github.com/hashicorp/consul/issues/21592)]
+* mesh: Add `contains` and `ignoreCase` to L7 Intentions HTTP header matching criteria to support configuration resilient to variable casing and multiple values. This resolves [CVE-2024-10006](https://nvd.nist.gov/vuln/detail/CVE-2024-10006). [[GH-21816](https://github.com/hashicorp/consul/issues/21816)]
+* mesh: Add `http.incoming.requestNormalization` to Mesh configuration entry to support inbound service traffic request normalization. This resolves [CVE-2024-10005](https://nvd.nist.gov/vuln/detail/CVE-2024-10005) and [CVE-2024-10006](https://nvd.nist.gov/vuln/detail/CVE-2024-10006). [[GH-21816](https://github.com/hashicorp/consul/issues/21816)]
 
 IMPROVEMENTS:
 
-* security: upgrade ubi base image to 9.4 [[GH-21750](https://github.com/hashicorp/consul/issues/21750)]
-* connect: Add Envoy 1.31 and 1.30 to support matrix [[GH-21616](https://github.com/hashicorp/consul/issues/21616)]
-
-BUG FIXES:
-
-* jwt-provider: change dns lookup family from the default of AUTO which would prefer ipv6 to ALL if LOGICAL_DNS is used or PREFER_IPV4 if STRICT_DNS is used to gracefully handle transitions to ipv6. [[GH-21703](https://github.com/hashicorp/consul/issues/21703)]
+* api: remove dependency on proto-public, protobuf, and grpc [[GH-21780](https://github.com/hashicorp/consul/issues/21780)]
+* snapshot agent: **(Enterprise only)**  Implement Service Principal Auth for snapshot agent on azure.
+* xds: configures Envoy to load balance over all instances of an external service configured with hostnames when "envoy_dns_discovery_type" is set to "STRICT_DNS" [[GH-21655](https://github.com/hashicorp/consul/issues/21655)]
 
 ]]></releaseNotes>
     <summary>Consul is a tool for service discovery, monitoring and configuration.</summary>

diff --git a/consul/tools/chocolateyInstall.ps1 b/consul/tools/chocolateyInstall.ps1
@@ -5,11 +5,11 @@ $packageParameters = Get-PackageParameters
 # Download and unzip consul
 $package = @{
   PackageName   = 'consul'
-  Url           = 'https://releases.hashicorp.com/consul/1.20.0/consul_1.20.0_windows_386.zip'
-  Url64bit      = 'https://releases.hashicorp.com/consul/1.20.0/consul_1.20.0_windows_amd64.zip'
+  Url           = 'https://releases.hashicorp.com/consul/1.20.1/consul_1.20.1_windows_386.zip'
+  Url64bit      = 'https://releases.hashicorp.com/consul/1.20.1/consul_1.20.1_windows_amd64.zip'
   UnzipLocation = $toolsPath
-  Checksum      = 'c450a44852c39091f8df2f20b26798883cb8f3c0badf44b6185c5810a0f38bef'
-  Checksum64    = '96249ae33372a76aed411afba52c1f228a102f8b9d72eae2a341c732856afacc'
+  Checksum      = 'b0a4f5bb78b4789e8a96222919c676397c8946d80f03c8349ef5e86786635bbf'
+  Checksum64    = '9b48a9404997d2b159ca5e5c6be257bfc5e8a46b0f157c50ae1d506782009024'
   ChecksumType  = 'sha256'
 }
 Install-ChocolateyZipPackage @package

diff --git a/rode-connect/current.json b/rode-connect/current.json
@@ -1,7 +1,7 @@
 {
-  "lastModified": null,
   "eTag": [
-    "\"d6581752fd433a9730bf6c5fc49718d0-1\""
+    "\"78ac0e3f54853de8de54b46d9025633e-1\""
   ],
-  "version": "1.3.39"
+  "lastModified": null,
+  "version": "1.3.43"
 }
diff --git a/rode-connect/rode-connect.nuspec b/rode-connect/rode-connect.nuspec
@@ -3,7 +3,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>rode-connect</id>
-    <version>1.3.39</version>
+    <version>1.3.43</version>
     <packageSourceUrl>https://github.com/flcdrg/au-packages/tree/master/rode-connect</packageSourceUrl>
     <owners>flcdrg</owners>
     <title>RØDE Connect</title>

diff --git a/rode-connect/tools/chocolateyinstall.ps1 b/rode-connect/tools/chocolateyinstall.ps1
@@ -1,8 +1,8 @@
 $ErrorActionPreference = 'Stop';
 $toolsDir     = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
 
-$checksum = '13AF5C1400BB2D856D622EAB6D7BAAD66BA75858CFB914891275B3A69677E6AC';
-$relativePath = 'RODEConnect_Full (1.3.39).msi';
+$checksum = '5E99135387649A5604B49583C3585F093971092850DF1457B9DED5BC85401A31';
+$relativePath = 'RODEConnect_Full (1.3.43).msi';
 
 
 if ([Version] (Get-CimInstance Win32_OperatingSystem).Version -lt [version] "10.0.17134.0") {

diff --git a/vault/tools/chocolateyInstall.ps1 b/vault/tools/chocolateyInstall.ps1
@@ -3,9 +3,9 @@
   Url                 = "https://releases.hashicorp.com/vault/$($env:ChocolateyPackageVersion)/vault_$($env:ChocolateyPackageVersion)_windows_386.zip"
   UnzipLocation       = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
   Url64               = "https://releases.hashicorp.com/vault/$($env:ChocolateyPackageVersion)/vault_$($env:ChocolateyPackageVersion)_windows_amd64.zip"
-  Checksum            = '782564a59806360fa672d2e7e6a2c08b805f0db31d1e2d55936872b789d31262'
+  Checksum            = '7a242b06868c5de5a0e37246a78be5e1d78ffabd9866d2fda4db3ae0abe4c9d4'
   ChecksumType        = 'sha256'
-  Checksum64          = 'fb673aeb50be55b7f5a68cded0162a68db2e271626958abfcad523760405298f'
+  Checksum64          = '73935235e81da711f36b26560d8b47ee62a72d7c8122ada68cdf5fbc6ddacec0'
   version             = $env:ChocolateyPackageVersion
 }