Merge pull request #413 from aws-solutions/release/v2.1.7

Release v2.1.7

Author: amzn-gaod

CHANGELOG.md

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.1.7] - 2024-08-26
+
+### Security
+
+- Upgraded vulnerable packages
+
 ## [2.1.6] - 2024-07-02
 
 ### Security

NOTICE

@@ -48,7 +48,6 @@ lodash under the Massachusetts Institute of Technology license
 number-to-words under the Massachusetts Institute of Technology license
 outcome under the Apache License Version 2.0
 pluggy under the Massachusetts Institute of Technology license
-PySocks under the BSD license
 pytest under the Massachusetts Institute of Technology license
 pytest-cov under the Massachusetts Institute of Technology license
 python-dateutil under the Apache License Version 2.0

SECURITY.md

@@ -0,0 +1,11 @@
+# Reporting Security Issues
+
+We take all security reports seriously.
+When we receive such reports,
+we will investigate and subsequently address
+any potential vulnerabilities as quickly as possible.
+If you discover a potential security issue in this project,
+please notify AWS/Amazon Security via our
+[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/)
+or directly via email to [AWS Security](mailto:[email protected]).
+Please do *not* create a public GitHub issue in this project.

deployment/content-localization-on-aws.yaml

@@ -24,7 +24,7 @@ Conditions:
 Mappings:
   MediaInsights:
     Release:
-      Version: "v5.1.7"
+      Version: "v5.1.8"
   Application:
     SourceCode:
       GlobalS3Bucket: "%%GLOBAL_BUCKET_NAME%%"