SUSE-RU-2024:4213-1

Source
https://www.suse.com/support/update/announcement/2024/suse-ru-20244213-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2024:4213-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-RU-2024:4213-1
Related
Published
2024-12-05T16:05:58Z
Modified
2024-12-05T16:05:58Z
Summary
Recommended update for helm
Details

helm was updated to fix the following issues:

Update to version 3.16.3:

  • fix: fix label name
  • Fix typo in pkg/lint/rules/chartfile_test.go
  • Increasing the size of the runner used for releases.
  • fix(hooks): correct hooks delete order
  • Bump github.com/containerd/containerd from 1.7.12 to 1.7.23

Update to version 3.16.2:

  • Reverting change unrelated to issue #13176
  • adds tests for handling of Helm index with broken chart versions #13176
  • improves handling of Helm index with broken helm chart versions #13176
  • Bump the k8s-io group with 7 updates
  • adding check-latest:true
  • Grammar fixes
  • Fix typos

Update to version 3.16.1:

  • bumping version to 1.22.7
  • Merge pull request #13327 from mattfarina/revert-11726

Update to version 3.16.0:

Helm v3.16.0 is a feature release. Users are encouraged to upgrade for the best experience.

  • Notable Changes
    • added sha512sum template function
    • added ActiveHelp for cmds that don't take any more args
    • drops very old Kubernetes versions support in helm create
    • add --skip-schema-validation flag to helm 'install', 'upgrade' and 'lint'
    • fixed bug to now use burst limit setting for discovery
    • Added windows arm64 support
  • Full changelog see https://github.com/helm/helm/releases/tag/v3.16.0

Update to version 3.15.4:

  • Bump the k8s-io group across 1 directory with 7 updates
  • Bump github.com/docker/docker

Thu Jul 11 05:39:32 UTC 2024 - opensuse_buildservice@ojkastl.de

  • Update to version 3.15.3:
    • fix(helm): Use burst limit setting for discovery
    • fixed dependencyupdatetest.go
    • fix(dependencyBuild): prevent race condition in concurrent helm dependency
    • fix: respect proxy envvars on helm install/upgrade
    • Merge pull request #13085 from alex-kattathra-johnson/issue-12961

Update to version 3.15.2:

  • fix: wrong cli description
  • fix typo in load_plugins.go
  • fix docs of DeployedAll
  • Bump github.com/docker/docker
  • bump oras minor version
  • feat(load.go): add warning on requirements.lock

Update to version 3.15.1:

  • Fixing build issue where wrong version is used

Update to version 3.15.0:

Helm v3.15.0 is a feature release. Users are encouraged to upgrade for the best experience.

  • Updating to k8s 1.30 c4e37b3 (Matt Farina)
  • bump version to v3.15.0 d7afa3b (Matt Farina)
  • bump version to 7743467 (Matt Farina)
  • Fix namespace on kubeconfig error 214fb6e (Calvin Krist)
  • Update testdata PKI with keys that have validity until 3393 (Fixes #12880) 1b75d48 (Dirk Müller)
  • Modified how created annotation is populated based on package creation time 0a69a0d (Andrew Block)
  • Enabling hide secrets on install and upgrade dry run 25c4738 (Matt Farina)
  • Fixing all the linting errors d58d7b3 (Robert Sirchia)
  • Add a note about --dry-run displaying secrets a23dd9e (Matt Farina)
  • Updating .gitignore 8b424ba (Robert Sirchia)
  • add error messages 8d19bcb (George Jenkins)
  • Fix: Ignore alias validation error for index load 68294fd (George Jenkins)
  • validation fix 8e6a514 (Matt Farina)
  • bug: add proxy support for oci getter 94c1dea (Ricardo Maraschini)
  • Update architecture detection method 57a1bb8 (weidongkl)
  • Improve release action 4790bb9 (George Jenkins)
  • Fix grammatical error c25736c (Matt Carr)
  • Updated for review comments d2cf8c6 (MichaelMorris)
  • Add robustness to wait status checks fc74964 (MichaelMorris)
  • refactor: create a helper for checking if a release is uninstalled f908379 (Alex Petrov)
  • fix: reinstall previously uninstalled chart with --keep-history 9e198fa (Alex Petrov)

Update to version 3.14.4:

Helm v3.14.4 is a patch release. Users are encouraged to upgrade for the best experience.

  • refactor: create a helper for checking if a release is uninstalled 81c902a (Alex Petrov)
  • fix: reinstall previously uninstalled chart with --keep-history 5a11c76 (Alex Petrov)
  • bug: add proxy support for oci getter aa7d953 (Ricardo Maraschini)

Update to version 3.14.3:

  • Add a note about --dry-run displaying secrets
  • add error messages
  • Fix: Ignore alias validation error for index load
  • Update architecture detection method

Update to version 3.14.2 (bsc#1220207, CVE-2024-26147):

  • Fix for uninitialized variable in yaml parsing

Update to version 3.14.1 (bsc#1219969, CVE-2024-25620):

  • validation fix

Update to version 3.14.0:

  • Notable Changes
    • New helm search flag of --fail-on-no-result
    • Allow a nested tpl invocation access to defines
    • Speed up the tpl function
    • Added qps/HELM_QPS parameter that tells Kubernetes packages how to operate
    • Added --kube-version to lint command
    • The ignore pkg is now public
  • Changelog
    • Improve release action
    • Fix issues when verify generation readiness was merged
    • fix test to use the default code's k8sVersionMinor
    • lint: Add --kube-version flag to set capabilities and deprecation rules
    • Removing Asset Transparency
    • tests(pkg/engine): test RenderWithClientProvider
    • Make the ignore pkg public again
    • feature(pkg/engine): introduce RenderWithClientProvider
    • Updating Helm libraries for k8s 1.28.4
    • Remove excessive logging
    • Update CONTRIBUTING.md
    • Fixing release labelling in rollback
    • feat: move livenessProbe and readinessProbe values to default values file
    • Revert 'fix(main): fix basic auth for helm pull or push'
    • Revert 'fix(registry): address anonymous pull issue'
    • Update get-helm-3
    • Drop filterSystemLabels usage from Query method
    • Apply review suggestions
    • Update get-helm-3 to get version through get.helm.sh
    • feat: print failed hook name
    • Fixing precedence issue with the import of values.
    • chore(create): indent to spaces
    • Allow using label selectors for system labels for sql backend.
    • Allow using label selectors for system labels for secrets and configmap backends.
    • remove useless print during prepareUpgrade
    • Add missing with clause to release gh action
    • FIX Default ServiceAccount yaml
    • fix(registry): address anonymous pull issue
    • fix(registry): unswallow error
    • Fix missing run statement on release action
    • Add qps/HELM_QPS parameter
    • Write latest version to get.helm.sh bucket
    • Increased release information key name max length.
    • Pin gox to specific commit
    • Remove GoFish from package managers for installing the binary
    • Test update for 'Allow a nested tpl invocation access to defines in a containing one'
    • Test update for 'Speed up tpl'
    • Add support for RISC-V
    • lint and validate dependency metadata to reference dependencies with a unique key (name or alias)
    • Work around template.Clone omitting options
    • fix: pass 'passCredentialsAll' as env-var to getter
    • feat: pass basic auth to env-vars when running download plugins
    • helm search: New CLI Flag --fail-on-no-result
    • Update pkg/kube/ready.go
    • fix post install hook deletion due to before-hook-creation policy
    • Allow a nested tpl invocation access to defines in a containing one
    • Remove the 'reference templates' concept
    • Speed up tpl
    • ready checker- comment update
    • ready checker- remove duplicate statefulset generational check
    • Verify generation in readiness checks
    • feat(helm): add --reset-then-reuse-values flag to 'helm upgrade'
References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / helm

Package

Name
helm
Purl
pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm": "3.16.3-150000.1.38.1",
            "helm-bash-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP5 / helm

Package

Name
helm
Purl
pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm": "3.16.3-150000.1.38.1",
            "helm-bash-completion": "3.16.3-150000.1.38.1",
            "helm-zsh-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP6 / helm

Package

Name
helm
Purl
pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm": "3.16.3-150000.1.38.1",
            "helm-bash-completion": "3.16.3-150000.1.38.1",
            "helm-zsh-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Package Hub 15 SP5 / helm

Package

Name
helm
Purl
pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm-fish-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Package Hub 15 SP6 / helm

Package

Name
helm
Purl
pkg:rpm/suse/helm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm-fish-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

openSUSE:Leap Micro 5.5 / helm

Package

Name
helm
Purl
pkg:rpm/opensuse/helm&distro=openSUSE%20Leap%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm": "3.16.3-150000.1.38.1",
            "helm-bash-completion": "3.16.3-150000.1.38.1",
            "helm-zsh-completion": "3.16.3-150000.1.38.1",
            "helm-fish-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

openSUSE:Leap 15.5 / helm

Package

Name
helm
Purl
pkg:rpm/opensuse/helm&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm": "3.16.3-150000.1.38.1",
            "helm-bash-completion": "3.16.3-150000.1.38.1",
            "helm-zsh-completion": "3.16.3-150000.1.38.1",
            "helm-fish-completion": "3.16.3-150000.1.38.1"
        }
    ]
}

openSUSE:Leap 15.6 / helm

Package

Name
helm
Purl
pkg:rpm/opensuse/helm&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.16.3-150000.1.38.1

Ecosystem specific

{
    "binaries": [
        {
            "helm": "3.16.3-150000.1.38.1",
            "helm-bash-completion": "3.16.3-150000.1.38.1",
            "helm-zsh-completion": "3.16.3-150000.1.38.1",
            "helm-fish-completion": "3.16.3-150000.1.38.1"
        }
    ]
}