From 11925d77f0e35ec2c2e6147839db91b659795b45 Mon Sep 17 00:00:00 2001
From: Michael Wilkerson
Date: Mon, 18 Mar 2024 16:30:07 +0000
Subject: [PATCH 1/2] backport of commit e9e2250c1da4aee03c1aa1d13b384fd288a2250f
---
 .release/security-scan.hcl | 1 +
 scan.hcl | 1 +
 2 files changed, 2 insertions(+)
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index 257a2954a2..7a2b56ee33 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -39,6 +39,7 @@ binary {
 # NET-8174 (2024-02-26): Missing YAML Content Leads To Panic (requires malicious plugin)
 "GHSA-r53h-jv2g-vpx6",
 "CVE-2024-26147", # alias
+ "GHSA-jw44-4f3j-q396", # alias
 ]
 }
 }
diff --git a/scan.hcl b/scan.hcl
index 402f81f950..76331e700e 100644
--- a/scan.hcl
+++ b/scan.hcl
@@ -39,6 +39,7 @@ repository {
 # NET-8174 (2024-02-26): Missing YAML Content Leads To Panic (requires malicious plugin)
 "GHSA-r53h-jv2g-vpx6",
 "CVE-2024-26147", # alias
+ "GHSA-jw44-4f3j-q396", # alias
 ]
 }
 }
From 7922e667881110ecd464135598d7bfc804694fa5 Mon Sep 17 00:00:00 2001
From: Michael Wilkerson
Date: Mon, 18 Mar 2024 21:24:37 +0000
Subject: [PATCH 2/2] backport of commit 9a7a0e5b8b7d4e0c682cc572ed2876da77300c63
---
 .release/security-scan.hcl | 3 ++-
 scan.hcl | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index 7a2b56ee33..5ae5e513d2 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -39,7 +39,8 @@ binary {
 # NET-8174 (2024-02-26): Missing YAML Content Leads To Panic (requires malicious plugin)
 "GHSA-r53h-jv2g-vpx6",
 "CVE-2024-26147", # alias
- "GHSA-jw44-4f3j-q396", # alias
+ "GHSA-jw44-4f3j-q396", # Tracked in NET-8174
+ "CVE-2019-25210" # alias
 ]
 }
 }
diff --git a/scan.hcl b/scan.hcl
index 76331e700e..d151d9c64c 100644
--- a/scan.hcl
+++ b/scan.hcl
@@ -39,7 +39,8 @@ repository {
 # NET-8174 (2024-02-26): Missing YAML Content Leads To Panic (requires malicious plugin)
 "GHSA-r53h-jv2g-vpx6",
 "CVE-2024-26147", # alias
- "GHSA-jw44-4f3j-q396", # alias
+ "GHSA-jw44-4f3j-q396", # Tracked in NET-8174
+ "CVE-2019-25210" # alias
 ]
 }
 }
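Review bot: The new suppressions `"GHSA-jw44-4f3j-q396"` and `"CVE-2019-25210"` sit under the existing NET-8174 comment, whose text ("Missing YAML Content Leads To Panic", dated 2024-02-26) reads as the rationale for `CVE-2024-26147`; a 2019-numbered CVE is presumably a different advisory, so this pair is silenced without a stated justification of its own. The same applies to the matching hunk for `.release/security-scan.hcl` in this patch. Add a separate comment line above the new pair, for example `# NET-8174 (<date>): <advisory title> (<why it is not exploitable here>)`, so a later audit of the ignore list can tell why each finding is suppressed and when to revisit it. The last entry also drops the trailing comma the rest of the list uses; `"CVE-2019-25210", # alias` keeps the next addition a one-line diff.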