SUSE-SU-2025:20196-1

Update to version 3.17.2 (bsc#1238688, CVE-2025-22870):
- Updating to 0.37.0 for x/net
- build(deps): bump the k8s-io group with 7 updates
Update to version 3.17.1:
- merge null child chart objects
- build(deps): bump the k8s-io group with 7 updates
- fix: check group for resource info match
Update to 3.17.0 (bsc#1235318, CVE-2024-45338):

Full changelog:

https://github.com/helm/helm/releases/tag/v3.17.0
- Notable Changes
  - Allow pulling and installation by OCI digest
  - Annotations and dependencies are now in chart metadata output
  - New --take-ownership flag for install and upgrade commands
  - SDK: Authorizer and registry authorizer are now configurable
  - Removed the Kubernetes configuration file permissions check
  - Added username/password to helm push and dependency build/update subcommands
  - Added toYamlPretty template function
Update to version 3.16.4 (bsc#1234482, CVE-2024-45337):
- Bump golang.org/x/crypto from 0.30.0 to 0.31.0
- Bump the k8s-io group with 7 updates

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.17.2-1.1

{
    "binaries": [
        {
            "helm": "3.17.2-1.1",
            "helm-bash-completion": "3.17.2-1.1"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:20196-1.json"