Merge pull request #15020 from ahrtr/changelog_security_20221219

changelog: update items to address the critical and high Vulnerabilities
2022-12-19 20:18:00 +08:00 · 2022-12-19 20:18:00 +08:00 · 1c00d46b83
parent 6fc0d96b42 b7c1551250
commit 1c00d46b83
2 changed files with 16 additions and 0 deletions
--- a/CHANGELOG/CHANGELOG-3.4.md
+++ b/CHANGELOG/CHANGELOG-3.4.md
@ -13,6 +13,14 @@ Previous change logs can be found at [CHANGELOG-3.3](https://github.com/etcd-io/
 - Fix [Remove memberID from data corrupt alarm](https://github.com/etcd-io/etcd/pull/14853).
 - Fix [nil pointer panic for readonly txn due to nil response](https://github.com/etcd-io/etcd/pull/14900).

+### Security
+- Use [distroless base image](https://github.com/etcd-io/etcd/pull/15017) to address critical Vulnerabilities.
+- Bumped [some dependencies](https://github.com/etcd-io/etcd/pull/15019) to address some HIGH Vulnerabilities.
+
+### Go
+- Require [Go 1.17+](https://github.com/etcd-io/etcd/pull/15019).
+- Compile with [Go 1.17+](https://go.dev/doc/devel/release#go1.17)
+
 <hr>

 ## v3.4.22 (2022-11-02)
--- a/CHANGELOG/CHANGELOG-3.5.md
+++ b/CHANGELOG/CHANGELOG-3.5.md
@ -14,6 +14,14 @@ Previous change logs can be found at [CHANGELOG-3.4](https://github.com/etcd-io/
 ### Package `clientv3`
 - Reverted the fix to [auth invalid token and old revision errors in watch](https://github.com/etcd-io/etcd/pull/14995).

+### Security
+- Use [distroless base image](https://github.com/etcd-io/etcd/pull/15016) to address critical Vulnerabilities.
+- Bumped [some dependencies](https://github.com/etcd-io/etcd/pull/15018) to address some HIGH Vulnerabilities.
+
+### Go
+- Require [Go 1.17+](https://github.com/etcd-io/etcd/pull/15019).
+- Compile with [Go 1.17+](https://go.dev/doc/devel/release#go1.17)
+

 <hr>