Overview All releases

Version History

1.11.0 v1.11.0-alpha2 v1.11.0-alpha 1.10.3 1.10.2 1.10.1 1.10.0 1.9.5 1.9.4 1.9.3 1.9.2 v1.9.1 1.9.0

v1.9.0-alpha

1.8.7 1.8.6 1.8.5 1.8.4 1.8.3

1.8.2

1.8.1 1.8.0 1.7.11 1.7.10 1.7.9

1.7.8

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.6

1.5.5

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.3

1.1.2

1.1.1

1.1.0

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

0.12.3

0.12.2

0.12.1

0.12.0

0.11.0

0.10.2

0.10.1

0.10.0

0.9.0

0.8.6

0.8.5

0.8.2

0.8.1

0.8.0

0.7.5

0.7.2

0.7.1

0.7.0

0.6.1

0.6.0

0.5.2

0.5.1

0.5.0

0.4.1

0.4.0

0.3.11

0.3.10

0.3.9

0.3.8

0.3.7

0.3.6

0.3.5

0.3.4

0.3.3

0.3.2

0.3.1

0.3.0

0.2.3

0.2.2

0.2.1

0.2.0

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

nightly

Packer - 1.8.2

Security

(June 21, 2022)

NOTES:

The Packer plugin SDK includes the latest version of the go-getter library,
which has been updated to a address the vulnerabilities listed in
HCSEC-2022-13. The updated SDK contains can
be breaking for some plugins as the updated go-getter settings in the SDK
prevent reading/writing through symlinks and to sub-directories that
require upward path traversal (e.g /tmp/.../etc/hosts). The updates also
includes a 30 minute maximum timeout for file downloading, which can be an
issue for very large or slow downloads if they exceed more then 30 minutes
to complete.

SECURITY:

Bump packer-plugin-sdk to v0.3.0 to address reported vulnerabilities within
the go-getter library.
GH-11843
Bump plugins relying on go-getter for downloading remote files to address
reported vulnerabilities within the go-getter library. See
HCSEC-2022-13 for details.
GH-11844

FEATURES:

Future Scaffolding: This release contains changes that allow Packer core to
validate that a newly built image is a direct child of a HCP Packer
registry source image. This feature is only available for HCP Packer
enabled builds using the hcp_packer_image data source for setting a
builder's source image.
GH-11832

IMPROVEMENTS:

Add pause_after configuration argument to Powershell provisioner.
GH-11792
HCP Packer data sources will now fail for revoked iterations to prevent building non-compliant images.
GH-11854

BUG FIXES:

Add missing support for the env configuration argument in remote shell
provisioners. GH-11819
The preinst and postrm user scripts, including the service configuration
directives, have been removed from the Packer rpm installations packages,
as Packer does not require a service user in order to run.
GH-11831

Security

Security wording was detected, but no CVEs were found.

Details

date

June 21, 2022, midnight

name

1.8.2

type

Patch

official page

https://github.com/hashicorp/packer/blob/master/CHANGELOG.md/#182

👇

Register or login to:

🔍View and search all Packer releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

or

Username

Email

Password

Password (again)

leave this field blank to prove your humanity