Backport of security: fine-tune release scanner and bump coredns into release/1.18.x (#21042)

security: fine-tune release scanner and bump coredns

Co-authored-by: dduzgun-security <deniz.duzgun@hashicorp.com>

.release/security-scan.hcl

@@ -42,6 +42,13 @@ container {
 				"CVE-2023-46219", # curl@8.4.0-r0
 				"CVE-2023-5678",  # openssl@3.1.4-r0
 			]
+			paths = [
+				"internal/tools/proto-gen-rpc-glue/e2e/consul/*",
+				"test/integration/connect/envoy/test-sds-server/*",
+				"test/integration/consul-container/*",
+				"testing/deployer/*",
+				"test-integ/*",
+			]
 		}
 	}
 }
@@ -76,6 +83,13 @@ binary {
 			vulnerabilites = [
 				"GO-2024-2631", # go-jose/v3@v3.0.3 (false positive)
 			]
+			paths = [
+				"internal/tools/proto-gen-rpc-glue/e2e/consul/*",
+				"test/integration/connect/envoy/test-sds-server/*",
+				"test/integration/consul-container/*",
+				"testing/deployer/*",
+				"test-integ/*",
+			]
 		}
 	}
 }

test/integration/connect/envoy/test-sds-server/go.mod

@@ -4,11 +4,9 @@ go 1.16
 
 require (
 	github.com/envoyproxy/go-control-plane v0.11.1
-	github.com/fatih/color v1.14.1 // indirect
+	github.com/hashicorp/consul v1.18.1
-	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/hashicorp/consul/sdk v0.16.0 // indirect
-	github.com/hashicorp/consul v1.15.2
 	github.com/hashicorp/go-hclog v1.5.0
-	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	golang.org/x/net v0.24.0 // indirect
 	google.golang.org/grpc v1.56.3
 )