openSUSE-RU-2026:20161-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-RU-2026:20161-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-RU-2026:20161-1
Upstream
Related
Published
2026-01-27T17:25:17Z
Modified
2026-03-12T02:05:03.721918Z
Summary
Recommended update for hauler
Details

This update for hauler fixes the following issues:

Changes in hauler:

  • Update to version 1.4.1 (bsc#1256546, CVE-2026-22772):

    • fixed typos for containerd imports (#493)
    • fix and support containerd imports of hauls (#492)
    • bump github.com/sigstore/fulcio (#489)

  • Update to version 1.4.0:

    • added/updated logging for serve and remove (#487)
    • added/fixed helm chart images/dependencies features (#485)
    • more experimental feature updates (#486)
    • add experimental notes (#483)
    • updated tempdir flag to store persistent flags (#484)
    • delete artifacts from store (#473)
    • path rewrites (#475)
    • updated/fixed workflow dependency versions (#478)

  • Update to version 1.3.2:

    • bump to latest cosign fork release (#481)
    • Bump golang.org/x/crypto in the go_modules group across 1 directory (#476)
References

Affected packages

openSUSE:Leap 16.0 / hauler

Package

Name
hauler
Purl
pkg:rpm/opensuse/hauler&distro=openSUSE%20Leap%2016.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.1-bp160.1.1

Ecosystem specific 

{
    "binaries": [
        {
            "hauler": "1.4.1-bp160.1.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-RU-2026:20161-1.json"