openSUSE-SU-2026:20662-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2026:20662-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2026:20662-1
- Upstream
- Related
- Published
- 2026-04-30T16:39:09Z
- Modified
- 2026-05-05T18:26:15.991057Z
- Summary
- Security update for hauler
- Details
-
This update for hauler fixes the following issues:
Changes in hauler:
- update to 1.4.2 (bsc#1258614, CVE-2026-24122):
- Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 in the gomodules group across 1 directory
- fix for new helm chart features
- Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 in the gomodules group across 1 directory
- Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 in the gomodules group across 1 directory
- Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 in the gomodules group across 1 directory
- update cosign fork to 3.0.4 plus dep tidy
- fix: Fix file:// dependency chart path resolution
- update github.com/olekukonko/tablewriter to v1.1.2
- keep registry on image rewrite if not specified
- Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 in the gomodules group across 1 directory
- fix: handling of file referenced dependencies without repository field
- Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 in the gomodules group across 1 directory
- dev.md file
- smaller changes and updates for v1.4.2 release
- update to 1.4.2 (bsc#1258614, CVE-2026-24122):
- References