Skip to content

Packer

v1.15.4 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 14h Infrastructure as Code
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Affected surfaces

deps crypto_tls

Summary

AI summary

Updates BUG FIXES, deps, and INTERNAL across a mixed release.

Changes in this release

Dependency Low

Bumped packer-plugin-sdk dependency to 0.6.9.

Bumped packer-plugin-sdk dependency to 0.6.9.

Source: llm_adapter@2026-06-03

Confidence: high
Dependency Low

Updated cloud.google.com/go and aws-sdk-go-v2 related dependencies.

Updated cloud.google.com/go and aws-sdk-go-v2 related dependencies.

Source: llm_adapter@2026-06-03

Confidence: high
Dependency Low

Upgraded crypto dependency to a newer version.

Upgraded crypto dependency to a newer version.

Source: llm_adapter@2026-06-03

Confidence: low
Dependency Low

Upgraded go-git dependency to a newer version.

Upgraded go-git dependency to a newer version.

Source: llm_adapter@2026-06-03

Confidence: low
Deprecation Low

Removed Syft binary download/handling from the HCP SBOM provisioner.

Removed Syft binary download/handling from the HCP SBOM provisioner.

Source: llm_adapter@2026-06-03

Confidence: high
Bugfix Medium

Updated build constraints to support arm architecture on FreeBSD.

Updated build constraints to support arm architecture on FreeBSD.

Source: llm_adapter@2026-06-03

Confidence: high
Full changelog

1.15.4 (June 3, 2026)

BUG FIXES:

  • builder: update build constraints to support arm architecture on FreeBSD
    GH-13650

IMPROVEMENTS:

  • hcp: removes Syft binary download/handling from the HCP SBOM provisioner
    GH-13636

SECURITY:

  • deps: upgraded crypto version
    GH-13645
  • deps: upgraded go-git version
    GH-13645
  • deps: bump github.com/hashicorp/packer-plugin-sdk to 0.6.9
    GH-13640

INTERNAL:

  • build: bump Go to 1.25.10 and refresh dependencies
    GH-13646
    GH-13647
  • deps: update cloud.google.com/go and aws-sdk-go-v2 related dependencies
    GH-13610

Security Fixes

  • deps: upgraded crypto version
  • deps: upgraded go-git version
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Packer

Get notified when new releases ship.

Sign up free

About Packer

Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.

All releases →

Related context

Beta — feedback welcome: [email protected]