From 21a0a633f803e8be002041bcf7356a89c3de297c Mon Sep 17 00:00:00 2001
From: santoshpulluri <santosh.pulluri@hashicorp.com>
Date: Fri, 19 Dec 2025 20:32:07 +0530
Subject: [PATCH 1/2] Add Changelog and Update Go

---
 .go-version              | 2 +-
 CHANGELOG.md             | 6 ++++++
 go.mod                   | 2 +-
 integration-tests/go.mod | 2 +-
 4 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/.go-version b/.go-version
index 69aab37d..7f6db7f2 100644
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.25.3
\ No newline at end of file
+1.25.5
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4d385686..a7ddf49a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.7.9 (December 19, 2025)
+
+SECURITY:
+
+* Add microdnf upgrade in dockerfile to include future security fixes [[GH-936](https://github.com/hashicorp/consul-dataplane/pull/936)]
+
 ## 1.7.6 (October 28, 2025)
 
 IMPROVEMENTS:
diff --git a/go.mod b/go.mod
index 585527a3..2b6693df 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/hashicorp/consul-dataplane
 
-go 1.25.3
+go 1.25.5
 
 require (
 	dario.cat/mergo v1.0.0
diff --git a/integration-tests/go.mod b/integration-tests/go.mod
index 9a59ffb5..c213e16a 100644
--- a/integration-tests/go.mod
+++ b/integration-tests/go.mod
@@ -1,6 +1,6 @@
 module github.com/hashicorp/consul-dataplane/integration-tests
 
-go 1.25.3
+go 1.25.5
 
 require (
 	github.com/docker/docker v27.3.1+incompatible

From 66dfc24e486838d862bf4e08368d4408cf2ce841 Mon Sep 17 00:00:00 2001
From: santoshpulluri <santosh.pulluri@hashicorp.com>
Date: Mon, 22 Dec 2025 09:45:50 +0530
Subject: [PATCH 2/2] Suppress Vulnerabilities 1.7.9

---
 .release/security-scan.hcl | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index 8ded672b..1ceadbcb 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -42,7 +42,32 @@ container {
         "CVE-2024-52533",
         "CVE-2025-5914",
         "CVE-2025-3277",
-        "CVE-2024-40896"
+        "CVE-2024-40896",
+        # Dependency Scanner
+        "DLA-3972-1", # var/lib/dpkg/status.d/tzdata:
+        "DLA-4085-1",
+        "DLA-4105-1",
+        "DLA-4403-1",
+        "DEBIAN-CVE-2023-5678", # var/lib/dpkg/status.d/openssl:
+        "DEBIAN-CVE-2024-0727",
+        "DEBIAN-CVE-2024-2511",
+        "DEBIAN-CVE-2024-4741",
+        "DEBIAN-CVE-2024-5535",
+        "DEBIAN-CVE-2024-9143",
+        "DEBIAN-CVE-2024-13176",
+        "DEBIAN-CVE-2025-9230",
+        "DEBIAN-CVE-2025-27587",
+        "DLA-3942-2",
+        "DLA-4176-1",
+        "DLA-4321-1"
+        # Go Modules Scanner usr/local/bin/discover
+        "GHSA-4f99-4q7p-p3gh",
+        "GO-2025-4116",
+        "GO-2025-4134",
+        "GO-2025-4135",
+        "GO-2025-4188",
+        "GHSA-f6x5-jh6r-wrfv",
+        "GHSA-j5w8-q4qc-rx2x",
       ]
     }
   }