opensuse-su-2025-20097-1
Vulnerability from csaf_opensuse
Published
2025-11-26 14:11
Modified
2025-11-26 14:11
Summary
Security update for helmfile
Notes
Title of the patch
Security update for helmfile
Description of the patch
This update for helmfile fixes the following issues:
Changes in helmfile:
Update to version 1.1.9:
* feat: update strategy for reinstall by @simbou2000 in #2019
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3
from 1.88.7 to 1.89.0 by @dependabot[bot] in #2239
* Fix: Handle empty helmBinary in base files with environment
values by @Copilot in #2237
Update to version 1.1.8:
* build(deps): bump github.com/hashicorp/go-getter from 1.8.0 to
1.8.1 by @dependabot[bot] in #2194
* fix typos in both comment and error message by @d-fal in #2199
* cleanup disk in release ci by @yxxhero in #2203
* Migrate AWS SDK from v1 to v2 to resolve deprecation warnings
by @Copilot in #2202
* build(deps): bump github.com/helmfile/vals from 0.42.1 to 0.42.2
by @dependabot[bot] in #2200
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
1.88.2 to 1.88.3 by @dependabot[bot] in #2206
* Bump Alpine to 3.22 in Dockerfile by @orishamir in #2205
* build(deps): bump github.com/aws/aws-sdk-go-v2/config from
1.31.10 to 1.31.12 by @dependabot[bot] in #2207
* Add yq to Dockerfile by @orishamir in #2208
* fix: skip chartify for build command jsonPatches by @sstarcher
in #2212
* build(deps): bump github.com/hashicorp/go-getter from 1.8.1 to
1.8.2 by @dependabot[bot] in #2210
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
1.88.3 to 1.88.4 by @dependabot[bot] in #2213
* build(deps): bump golang.org/x/term from 0.35.0 to 0.36.0 by
@dependabot[bot] in #2214
* Avoid fetching same chart/version multiple times by @Copilot
in #2197
* build(deps): bump github.com/helmfile/vals from 0.42.2 to
0.42.4 by @dependabot[bot] in #2217
* docs: add zread badge to README by @yxxhero in #2219
* Bump helm-diff to v3.13.1 by @Copilot in #2223
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
1.88.4 to 1.88.5 by @dependabot[bot] in #2226
* build(deps): bump github.com/aws/aws-sdk-go-v2/config from
1.31.12 to 1.31.13 by @dependabot[bot] in #2225
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
1.88.5 to 1.88.6 by @dependabot[bot] in #2230
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
1.88.6 to 1.88.7 by @dependabot[bot] in #2232
* build(deps): bump github.com/aws/aws-sdk-go-v2/config from
1.31.13 to 1.31.15 by @dependabot[bot] in #2233
* Fix helmBinary and kustomizeBinary being ignored when using
bases by @Copilot in #2228
Update to version 1.1.7:
What's Changed
* fix pflag error by @zhaque44 in #2164
* build(deps): bump actions/setup-go from 5 to 6 by
@dependabot[bot] in #2166
* build(deps): bump github.com/hashicorp/go-getter from 1.7.9 to
1.7.10 by @dependabot[bot] in #2165
* build(deps): bump github.com/spf13/pflag from 1.0.9 to 1.0.10
by @dependabot[bot] in #2163
* Add helm diff installation to README by @nwneisen in #2170
* build(deps): bump github.com/hashicorp/go-getter from 1.7.10
to 1.8.0 by @dependabot[bot] in #2175
* build(deps): bump golang.org/x/term from 0.34.0 to 0.35.0 by
@dependabot[bot] in #2174
* build(deps): bump github.com/zclconf/go-cty from 1.16.4 to
1.17.0 by @dependabot[bot] in #2173
* Fix panic when helm isn't installed by @nwneisen in #2169
* build(deps): bump golang.org/x/sync from 0.16.0 to 0.17.0 by
@dependabot[bot] in #2172
* ci: update minikube and kubernetes versions by @yxxhero in #2181
* build(deps): bump k8s.io/apimachinery from 0.34.0 to 0.34.1 by
@dependabot[bot] in #2180
* Remove deprecated --wait-retries flag support to fix Helm
compatibility error by @Copilot in #2179
* build(deps): bump go.yaml.in/yaml/v2 from 2.4.2 to 2.4.3 by
@dependabot[bot] in #2183
* build: update Helm to v3.19.0 across all components by @yxxhero
in #2187
* build: update helm-diff plugin to v3.13.0 by @yxxhero in #2189
* feat: Implement caching for pulling OCI charts by @mustdiechik
in #2171
* build(deps): bump github.com/helmfile/chartify from 0.24.7 to
0.25.0 by @dependabot[bot] in #2190
- Update to version 1.1.6:
What's Changed
* build(deps): bump github.com/hashicorp/go-getter from 1.7.8 to
1.7.9 by @dependabot[bot] in #2139
* build(deps): bump github.com/zclconf/go-cty from 1.16.3 to
1.16.4 by @dependabot[bot] in #2145
* build: update helm to v3.18.6 by @yxxhero in #2144
* build(deps): bump github.com/stretchr/testify from 1.10.0 to
1.11.0 by @dependabot[bot] in #2150
* Add missing --timeout flag to helmfile sync command with
documentation by @Copilot in #2148
* Fix enableDNS flag missing in diff command and refactor
duplicate logic by @Copilot in #2147
* build(deps): bump github.com/stretchr/testify from 1.11.0 to
1.11.1 by @dependabot[bot] in #2151
* build(deps): bump github.com/ulikunitz/xz from 0.5.10 to 0.5.14
by @dependabot[bot] in #2154
* Bump github.com/ulikunitz/xz from v0.5.14 to v0.5.15 by @Copilot
in #2159
* build(deps): bump github.com/helmfile/vals from 0.42.0 to
0.42.1 by @dependabot[bot] in #2161
* build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.9
by @dependabot[bot] in #2160
* build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
by @dependabot[bot] in #2162
* Fix error propagation in helmfile diff when Kubernetes is
unreachable by @Copilot in #2149
- Update to version 1.1.5:
What's Changed
* build(deps): bump actions/checkout from 4 to 5 by
@dependabot[bot] in #2128
* Update recommended Helm versions in init.go and run.sh by
@yxxhero in #2129
* Add comprehensive .github/copilot-instructions.md for coding
agents by @Copilot in #2131
* refactor(state): extract getMissingFileHandler method for
clarity by @yxxhero in #2133
* Fix parseHelmVersion to handle helm versions without 'v'
prefix by @Copilot in #2132
* build(deps): bump k8s.io/apimachinery from 0.33.3 to 0.33.4
by @dependabot[bot] in #2136
* build(deps): bump github.com/helmfile/chartify from 0.24.6 to
0.24.7 by @dependabot[bot] in #2135
- Update to version 1.1.4:
What's Changed
* build(deps): bump github.com/helmfile/vals from 0.41.2 to
0.41.3 by @dependabot[bot] in #2100
* build(deps): bump k8s.io/apimachinery from 0.33.2 to 0.33.3
by @dependabot[bot] in #2101
* fix: update Helm version to v3.17.4 in CI and init.go by
@yxxhero in #2102
* build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7
by @dependabot[bot] in #2104
* feat(state): add missingFileHandlerConfig and related logic
by @yxxhero in #2105
* refactor(filesystem): add CopyDir method and optimize Fetch
function by @yxxhero in #2111
* Allow caching of remote files to be disabled by @jess-sol in
#2112
* refactor(yaml): switch yaml library import paths from gopkg.in
to go.yaml.in by @yxxhero in #2114
* build(deps): bump actions/download-artifact from 4 to 5 by
@dependabot[bot] in #2121
* build(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 by
@dependabot[bot] in #2123
- Update to version 1.1.3:
What's Changed
* build: update Helm to v3.18.3 and related dependencies by
@yxxhero in #2082
* Expose release version as .Release.ChartVersion for templating
by @Simske in #2080
* build(deps): bump github.com/helmfile/chartify from 0.24.3 to
0.24.4 by @dependabot[bot] in #2083
* build(deps): bump k8s.io/apimachinery from 0.33.1 to 0.33.2
by @dependabot[bot] in #2086
* build(deps): bump github.com/helmfile/chartify from 0.24.4 to
0.24.5 by @dependabot[bot] in #2087
* build(deps): bump github.com/Masterminds/semver/v3 from 3.3.1
to 3.4.0 by @dependabot[bot] in #2089
* build(deps): bump github.com/hashicorp/hcl/v2 from 2.23.0 to
2.24.0 by @dependabot[bot] in #2092
* build: update Helm and plugin versions to v3.18.4 and v3.12.3
by @yxxhero in #2093
* docs: update status section with May 2025 release information
by @yxxhero in #2096
* build(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 by
@dependabot[bot] in #2099
* build(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 by
@dependabot[bot] in #2098
- Update to version 1.1.2:
What's Changed
* build(deps): bump github.com/helmfile/chartify from 0.24.2 to
0.24.3 by @dependabot in #2065
* build: update Helm to v3.18.2 and adjust related configurations
by @yxxhero in #2064
* build(deps): bump github.com/helmfile/vals from 0.41.1 to
0.41.2 by @dependabot in #2067
* build(deps): bump golang.org/x/sync from 0.14.0 to 0.15.0
by @dependabot in #2068
* fix-insecure-flag by @anontrex in #2072
* build(deps): bump github.com/cloudflare/circl from 1.4.0 to
1.6.1 by @dependabot in #2074
* fix: update helm-diff to version 3.12.2 in CI and Dockerfiles
by @yxxhero in #2073
* fix: TestToYaml not working with 32-bit architectures by
@ProbstDJakob in #2075
- Update to version 1.1.1:
What's Changed
* Update README.md by @mumoshu in #2046
* build(deps): bump github.com/helmfile/vals from 0.41.0 to
0.41.1 by @dependabot in #2048
* build(helm) update to v3.18.0 by @yxxhero in #2044
* build(deps): bump github.com/helmfile/chartify from 0.23.0 to
0.24.1 by @dependabot in #2049
* build: update Helm and plugin versions in CI and Dockerfiles
by @yxxhero in #2059
- Update to version 1.1.0:
What's Changed
* chore: fix typo in create_test.go by @sadikkuzu in #2025
* build(deps): bump golangci/golangci-lint-action from 7 to 8 by
@dependabot in #2029
* build(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 by
@dependabot in #2028
* build(deps): bump github.com/helmfile/chartify from 0.22.0 to
0.23.0 by @dependabot in #2027
* chore: remove test data files by @yxxhero in #2026
* build(deps): bump golang.org/x/term from 0.31.0 to 0.32.0 by
@dependabot in #2033
* build(deps): bump github.com/helmfile/vals from 0.40.1 to
0.41.0 by @dependabot in #2032
* build(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 by
@dependabot in #2035
* feat(tmpl): enhance ToYaml test with multiple scenarios by
@yxxhero in #2031
* [sops, age] update to have SSH key support with sops by
@itscaro in #2036
* feat(yaml): add JSON style encoding option to NewEncoder by
@yxxhero in #2038
* refactor(yaml): upgrade from gopkg.in/yaml.v2 to v3 by @yxxhero
in #2039
* Update readme & documentation with 2025 status of helmfile
project by @zhaque44 in #2040
* build(deps): bump k8s.io/apimachinery from 0.33.0 to 0.33.1 by
@dependabot in #2041
* build(deps): bump github.com/zclconf/go-cty from 1.16.2 to
1.16.3 by @dependabot in #2043
- Update to version 1.0.0:
PLEASE READ
https://github.com/helmfile/helmfile/blob/main/docs/proposals/towards-1.0.md
What's Changed:
* build(deps): bump github.com/helmfile/vals from 0.39.0 to 0.39.1
by @dependabot in #1926
* Bump kubectl to current version (1.32.1) by @DerDaku in #1924
* build(deps): bump github.com/goccy/go-yaml from 1.15.21 to 1.15.22
by @dependabot in #1925
* build: update Helm to v3.17.1 and related dependencies by
@yxxhero in #1928
* build(deps): bump k8s.io/apimachinery from 0.32.1 to 0.32.2 by
@dependabot in #1931
* feat: inject cli state values (--state-values-set) into environment
templating context by @Vince-Chenal in #1917
* docs: add skipSchemaValidation to index.md and update related
structs by @yxxhero in #1935
* refactor(state): optimize HelmState flags handling by @yxxhero
in #1937
* Update vals package to v0.39.2 by @aditmeno in #1938
* build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by
@dependabot in #1940
* build(deps): bump github.com/goccy/go-yaml from 1.15.22 to 1.15.23
by @dependabot in #1941
* build(deps): bump github.com/helmfile/chartify from 0.20.8 to
0.20.9 by @dependabot in #1942
* feat: colorized DELETED by @yurrriq in #1944
* feat(docs): add proposal to remove charts and delete subcommands
by @yxxhero in #1936
* build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0
by @dependabot in #1945
* build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to
4.0.5 by @dependabot in #1946
* build: update golang version to 1.24 and golangci-lint to
v1.64.5 by @yxxhero in #1949
* build(deps): bump github.com/helmfile/vals from 0.39.2 to 0.39.3
by @dependabot in #1951
* build(deps): bump github.com/helmfile/chartify from 0.20.9 to
0.21.0 by @dependabot in #1950
* build(deps): bump golang.org/x/sync from 0.11.0 to 0.12.0 by
@dependabot in #1955
* build(deps): bump jinja2 from 3.1.5 to 3.1.6 in /docs by
@dependabot in #1956
* Don't warn if this and the needed release set installed: false
by @jayme-github in #1958
* build(deps): bump golang.org/x/term from 0.29.0 to 0.30.0 by
@dependabot in #1959
* Remove all v0.x references by @yxxhero in #1919
* build(deps): bump k8s.io/apimachinery from 0.32.2 to 0.32.3
by @dependabot in #1960
* build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0 by
@dependabot in #1961
* build(deps): bump github.com/helmfile/vals from 0.39.3 to 0.39.4
by @dependabot in #1962
* build: update Helm to v3.17.2 and related dependencies by
@yxxhero in #1965
* build: update yaml.v3 dependency and remove colega/go-yaml-yaml
by @yxxhero in #1929
* build(deps): bump github.com/containerd/containerd from 1.7.24
to 1.7.27 by @dependabot in #1966
* build(deps): bump github.com/goccy/go-yaml from 1.15.23 to
1.16.0 by @dependabot in #1967
* build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to
5.2.2 by @dependabot in #1969
* build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to
4.5.2 by @dependabot in #1970
* build(deps): bump golangci/golangci-lint-action from 6 to 7
by @dependabot in #1975
* build(deps): bump github.com/helmfile/vals from 0.39.4 to
0.40.0 by @dependabot in #1978
* build(deps): bump github.com/helmfile/chartify from 0.21.0 to
0.21.1 by @dependabot in #1979
* docs(fix): correct typo in 'tier=fronted' to 'tier=frontend'
by @yxxhero in #1980
* feat: add labels for helm release by @yxxhero in #1046
* build(deps): bump github.com/helmfile/vals from 0.40.0 to
0.40.1 by @dependabot in #1981
* build(deps): bump github.com/goccy/go-yaml from 1.16.0 to 1.17.1
by @dependabot in #1982
* fix: Check needs with context and namespace by @aarnq in #1986
* build(deps): bump golang.org/x/sync from 0.12.0 to 0.13.0 by
@dependabot in #1991
* build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0 by
@dependabot in #1990
* fix(state): enhance error message for missing .gotmpl extension
in helmfile v1 by @yxxhero in #1989
* build(deps): bump github.com/helmfile/chartify from 0.21.1 to
0.22.0 by @dependabot in #1996
* build: update Helm plugin versions in CI and Dockerfiles by
@yxxhero in #1995
* build: update Helm to v3.17.3 and update related Dockerfiles
by @yxxhero in #1993
* build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by
@dependabot in #2010
* feat: add helmfile archive configuration in goreleaser by
@yxxhero in #2000
* docs: add more complex examples section in README by @yxxhero
in #2013
* Feat: setting reuseValues flag in release by @blaskoa in #2004
* build(deps): bump k8s.io/apimachinery from 0.32.3 to 0.32.4 by
@dependabot in #2016
* build(deps): bump github.com/aws/aws-sdk-go from 1.55.6 to
1.55.7 by @dependabot in #2015
* chore: support parsing any type with fromYaml by @ProbstDJakob
in #2017
* build(deps): bump k8s.io/apimachinery from 0.32.4 to 0.33.0 by
@dependabot in #2018
* feat: add --take-ownership flag to helm diff and related config
by @yxxhero in #1992
- Update to version 0.171.0:
* feat: execute templates against postRendererHooks by @allanger
in #1839
* build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
by @dependabot in #1897
* build(deps): bump github.com/goccy/go-yaml from 1.15.15 to
1.15.16 by @dependabot in #1901
* build(deps): bump github.com/goccy/go-yaml from 1.15.16 to
1.15.17 by @dependabot in #1905
* Use a regex to match --state-values-set-string arguments
by @gllb in #1902
* build(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0
by @dependabot in #1911
* Chartify v0.20.8 update by @scodeman in #1908
* cleanup: remove all about v0.x by @yxxhero in #1903
* build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
by @dependabot in #1913
* chore: update babel to resolve CVEs by @zhaque44 in #1916
* remove deprecated charts.yaml by @yxxhero in #1437
* Revert "cleanup: remove all about v0.x" by @yxxhero in #1918
* build(deps): bump github.com/goccy/go-yaml from 1.15.17 to
1.15.19 by @dependabot in #1920
* build(deps): bump github.com/goccy/go-yaml from 1.15.19 to
1.15.20 by @dependabot in #1921
* feat: Add support for --wait-retries flag. by @connyay in #1922
* build: update go-yaml to v1.15.21 by @yxxhero in #1923
- Update to version 0.170.1:
* build(deps): bump github.com/goccy/go-yaml from 1.15.14 to
1.15.15 by @dependabot in #1882
* build(deps): bump github.com/hashicorp/go-slug from 0.15.0 to
0.16.3 by @dependabot in #1886 (CVE-2025-0377)
* Ensure 'helm repo add' is also not pollute on helmfile template
by @baurmatt in #1887
* build(deps): bump github.com/zclconf/go-cty from 1.16.1 to
1.16.2 by @dependabot in #1888
* fix: using correct option for takeOwnership flag by @blaskoa
in #1892
* fix typo in docs by @adamab48 in #1889
- Update to version 0.170.0:
* build(deps): bump github.com/goccy/go-yaml from 1.15.6 to 1.15.7
by @dependabot in #1818
* build(deps): bump golang.org/x/term from 0.26.0 to 0.27.0 by
@dependabot in #1817
* chore(doc): fix the indent of the selector usage sample yaml by
@Ladicle in #1819
* feat(state): add support for setString in ReleaseSpec and
HelmState by @yxxhero in #1821
* build(deps): bump github.com/goccy/go-yaml from 1.15.7 to 1.15.8
by @dependabot in #1822
* test(state): add TestHelmState_setStringFlags for setStringFlags
method by @yxxhero in #1823
* build(deps): bump k8s.io/apimachinery from 0.31.3 to 0.31.4 by
@dependabot in #1826
* build(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 by
@dependabot in #1828
* build(deps): bump github.com/goccy/go-yaml from 1.15.8 to
1.15.9 by @dependabot in #1831
* build(deps): bump k8s.io/apimachinery from 0.31.4 to 0.32.0 by
@dependabot in #1830
* feat: updating sops version to 3.9.2 by @zhaque44 in #1834
* build(deps): bump github.com/goccy/go-yaml from 1.15.9 to
1.15.10 by @dependabot in #1835
* build(deps): bump helm.sh/helm/v3 from 3.16.3 to 3.16.4 by
@dependabot in #1836
* build: update Helm version to v3.16.4 in CI and Dockerfiles by
@yxxhero in #1837
* build(deps): bump github.com/goccy/go-yaml from 1.15.10 to
1.15.11 by @dependabot in #1838
* build(deps): bump filippo.io/age from 1.2.0 to 1.2.1 by
@dependabot in #1840
* build(deps): bump github.com/goccy/go-yaml from 1.15.11 to
1.15.12 by @dependabot in #1843
* build: update helm-diff to v3.9.13 in Dockerfiles and init.go
by @yxxhero in #1841
* build(deps): bump github.com/helmfile/chartify from 0.20.4 to
0.20.5 by @dependabot in #1845
* build(deps): bump github.com/goccy/go-yaml from 1.15.12 to
1.15.13 by @dependabot in #1844
* build(deps): bump jinja2 from 3.1.4 to 3.1.5 in /docs by
@dependabot in #1846
* CVE-2024-45338: updating golang.org/x/net: to version: v0.33.0
by @zhaque44 in #1849
* build(deps): bump github.com/zclconf/go-cty from 1.15.1 to
1.16.0 by @dependabot in #1851
* build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0
by @dependabot in #1852
* update sops versions to 3.9.3 by @zhaque44 in #1861
* build(deps): bump github.com/hashicorp/go-getter from 1.7.6
to 1.7.7 by @dependabot in #1862
* feat: add --take-ownership flag to apply and sync commands by
@yxxhero in #1863
* fix: ensure plain http is supported across all helmfile
commands by @purpleclay in #1858
* fix: ensure development versions of charts can be used across
helmfile commands by @purpleclay in #1865
* build(deps): bump github.com/helmfile/chartify from 0.20.5 to
0.20.6 by @dependabot in #1866
* update kubectl version (1.30) to stay up to date with new
releases by @zhaque44 in #1867
* build(deps): bump github.com/zclconf/go-cty from 1.16.0 to
1.16.1 by @dependabot in #1870
* build(deps): bump github.com/hashicorp/go-getter from 1.7.7 to
1.7.8 by @dependabot in #1869
* feat: Add "--no-hooks" to helmfile template by @jwlai in #1813
* update helm and k8s versions in ci, dockerfiles, and go.mod by
@yxxhero in #1872
* build(deps): bump github.com/helmfile/vals from 0.38.0 to 0.39.0
by @dependabot in #1876
* build(deps): bump k8s.io/apimachinery from 0.32.0 to 0.32.1 by
@dependabot in #1873
* build(deps): bump github.com/goccy/go-yaml from 1.15.13 to
1.15.14 by @dependabot in #1874
* build: update helm-diff to v3.9.14 in Dockerfiles and init.go
by @yxxhero in #1877
- Update to version 0.169.2:
* build(deps): bump github.com/helmfile/vals from 0.37.6 to 0.37.7
by @dependabot in #1747
* build(deps): bump k8s.io/apimachinery from 0.31.1 to 0.31.2 by
@dependabot in #1754
* Reset extra args before running 'dependency build' by @baurmatt
in #1751
* Introducing Helmfile Guru on Gurubase.io by @kursataktas in #1748
* feat: add skip json schema validation during the install /upgrade
of a Chart by @zhaque44 in #1737
* fix(maputil): prevent nil value overwrite by @ban11111 in #1755
* build(deps): bump github.com/goccy/go-yaml from 1.12.0 to
1.13.0 by @dependabot in #1759
* fix: this url doesn't work anymore by @zekena2 in #1760
* build(deps): bump github.com/goccy/go-yaml from 1.13.0 to
1.13.1 by @dependabot in #1762
* build(deps): bump github.com/goccy/go-yaml from 1.13.1 to
1.13.2 by @dependabot in #1763
* build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to
4.5.1 by @dependabot in #1767
* build(deps): bump github.com/helmfile/vals from 0.37.7 to
0.37.8 by @dependabot in #1764
* build(deps): bump github.com/goccy/go-yaml from 1.13.2 to
1.13.4 by @dependabot in #1765
* fix(integration-tests): read correct minikube status (#1768)
by @ceriath in #1769
* build(deps): bump github.com/goccy/go-yaml from 1.13.4 to
1.13.5 by @dependabot in #1770
* Add integration tests for #1749 by @baurmatt in #1766
* fix: update acme chart URL in input.yaml by @yxxhero in #1773
* build(deps): bump github.com/goccy/go-yaml from 1.13.5 to
1.13.6 by @dependabot in #1771
* build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0 by
@dependabot in #1775
* build(deps): bump golang.org/x/term from 0.25.0 to 0.26.0
by @dependabot in #1774
* Revive dead badge links by @eggplants in #1776
* feat: refactor label creation in state.go by @yxxhero in #1758
* docs: Add Gurubase badge to README-zh_CN by @yxxhero in #1777
* build(deps): bump github.com/goccy/go-yaml from 1.13.6 to
1.13.9 by @dependabot in #1781
* build(deps): bump github.com/goccy/go-yaml from 1.13.9 to
1.14.0 by @dependabot in #1782
* build(deps): bump github.com/goccy/go-yaml from 1.14.0 to
1.14.3 by @dependabot in #1788
* build(deps): bump helm.sh/helm/v3 from 3.16.2 to 3.16.3 by
@dependabot in #1786
* fix: update helm-diff to version 3.9.12 in CI and Dockerfiles
by @yxxhero in #1792
* build: update Helm version to v3.16.3 in CI and Dockerfiles
by @yxxhero in #1791
* feat: add HELMFILE_INTERACTIVE env var to enable interactive
mode by @thevops in #1787
* build(deps): bump github.com/hashicorp/hcl/v2 from 2.22.0 to
2.23.0 by @dependabot in #1793
* build(deps): bump github.com/Masterminds/semver/v3 from 3.3.0
to 3.3.1 by @dependabot in #1795
* chore: update with testify/assert assertion and table driven
tests for fs.go by @zhaque44 in #1794
* build(deps): bump k8s.io/apimachinery from 0.31.2 to 0.31.3
by @dependabot in #1798
* build(deps): bump github.com/stretchr/testify from 1.9.0 to
1.10.0 by @dependabot in #1800
* build(deps): bump github.com/goccy/go-yaml from 1.14.3 to
1.15.0 by @dependabot in #1804
* build(deps): bump github.com/goccy/go-yaml from 1.15.0 to
1.15.1 by @dependabot in #1807
* build(deps): bump github.com/zclconf/go-cty from 1.15.0 to
1.15.1 by @dependabot in #1806
* update example chart URL in remote-secrets doc by @daveneeley
in #1809
* build(deps): bump github.com/goccy/go-yaml from 1.15.1 to
1.15.3 by @dependabot in #1811
* build(deps): bump github.com/goccy/go-yaml from 1.15.3 to
1.15.6 by @dependabot in #1812
* fix: inject global values in Chartify by @xabufr in #1805
* build(deps): bump github.com/helmfile/vals from 0.37.8 to
0.38.0 by @dependabot in #1814
* build(deps): bump github.com/helmfile/chartify from 0.20.3 to
0.20.4 by @dependabot in #1815
* build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0 by
@dependabot in #1816
- Update to version 0.169.1:
* feat: update sops version to 3.9.1 by @zhaque44 in #1742
* chore: improve test assertions and descriptions for file
download test by @zhaque44 in #1745
* feat: add 'hide-notes' flag to helm in sync and apply commands
by @yxxhero in #1746
Patchnames
openSUSE-Leap-16.0-packagehub-30
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helmfile",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helmfile fixes the following issues:\n\nChanges in helmfile:\n\nUpdate to version 1.1.9:\n\n * feat: update strategy for reinstall by @simbou2000 in #2019\n * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3\n from 1.88.7 to 1.89.0 by @dependabot[bot] in #2239\n * Fix: Handle empty helmBinary in base files with environment\n values by @Copilot in #2237\n\nUpdate to version 1.1.8:\n\n * build(deps): bump github.com/hashicorp/go-getter from 1.8.0 to\n 1.8.1 by @dependabot[bot] in #2194\n * fix typos in both comment and error message by @d-fal in #2199\n * cleanup disk in release ci by @yxxhero in #2203\n * Migrate AWS SDK from v1 to v2 to resolve deprecation warnings\n by @Copilot in #2202\n * build(deps): bump github.com/helmfile/vals from 0.42.1 to 0.42.2\n by @dependabot[bot] in #2200\n * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n 1.88.2 to 1.88.3 by @dependabot[bot] in #2206\n * Bump Alpine to 3.22 in Dockerfile by @orishamir in #2205\n * build(deps): bump github.com/aws/aws-sdk-go-v2/config from\n 1.31.10 to 1.31.12 by @dependabot[bot] in #2207\n * Add yq to Dockerfile by @orishamir in #2208\n * fix: skip chartify for build command jsonPatches by @sstarcher\n in #2212\n * build(deps): bump github.com/hashicorp/go-getter from 1.8.1 to\n 1.8.2 by @dependabot[bot] in #2210\n * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n 1.88.3 to 1.88.4 by @dependabot[bot] in #2213\n * build(deps): bump golang.org/x/term from 0.35.0 to 0.36.0 by\n @dependabot[bot] in #2214\n * Avoid fetching same chart/version multiple times by @Copilot\n in #2197\n * build(deps): bump github.com/helmfile/vals from 0.42.2 to\n 0.42.4 by @dependabot[bot] in #2217\n * docs: add zread badge to README by @yxxhero in #2219\n * Bump helm-diff to v3.13.1 by @Copilot in #2223\n * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n 1.88.4 to 1.88.5 by @dependabot[bot] in #2226\n * build(deps): bump github.com/aws/aws-sdk-go-v2/config from\n 1.31.12 to 1.31.13 by @dependabot[bot] in #2225\n * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n 1.88.5 to 1.88.6 by @dependabot[bot] in #2230\n * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n 1.88.6 to 1.88.7 by @dependabot[bot] in #2232\n * build(deps): bump github.com/aws/aws-sdk-go-v2/config from\n 1.31.13 to 1.31.15 by @dependabot[bot] in #2233\n * Fix helmBinary and kustomizeBinary being ignored when using\n bases by @Copilot in #2228\n\nUpdate to version 1.1.7:\n\n What\u0027s Changed\n\n * fix pflag error by @zhaque44 in #2164\n * build(deps): bump actions/setup-go from 5 to 6 by\n @dependabot[bot] in #2166\n * build(deps): bump github.com/hashicorp/go-getter from 1.7.9 to\n 1.7.10 by @dependabot[bot] in #2165\n * build(deps): bump github.com/spf13/pflag from 1.0.9 to 1.0.10\n by @dependabot[bot] in #2163\n * Add helm diff installation to README by @nwneisen in #2170\n * build(deps): bump github.com/hashicorp/go-getter from 1.7.10\n to 1.8.0 by @dependabot[bot] in #2175\n * build(deps): bump golang.org/x/term from 0.34.0 to 0.35.0 by\n @dependabot[bot] in #2174\n * build(deps): bump github.com/zclconf/go-cty from 1.16.4 to\n 1.17.0 by @dependabot[bot] in #2173\n * Fix panic when helm isn\u0027t installed by @nwneisen in #2169\n * build(deps): bump golang.org/x/sync from 0.16.0 to 0.17.0 by\n @dependabot[bot] in #2172\n * ci: update minikube and kubernetes versions by @yxxhero in #2181\n * build(deps): bump k8s.io/apimachinery from 0.34.0 to 0.34.1 by\n @dependabot[bot] in #2180\n * Remove deprecated --wait-retries flag support to fix Helm\n compatibility error by @Copilot in #2179\n * build(deps): bump go.yaml.in/yaml/v2 from 2.4.2 to 2.4.3 by\n @dependabot[bot] in #2183\n * build: update Helm to v3.19.0 across all components by @yxxhero\n in #2187\n * build: update helm-diff plugin to v3.13.0 by @yxxhero in #2189\n * feat: Implement caching for pulling OCI charts by @mustdiechik\n in #2171\n * build(deps): bump github.com/helmfile/chartify from 0.24.7 to\n 0.25.0 by @dependabot[bot] in #2190\n\n- Update to version 1.1.6:\n What\u0027s Changed\n * build(deps): bump github.com/hashicorp/go-getter from 1.7.8 to\n 1.7.9 by @dependabot[bot] in #2139\n * build(deps): bump github.com/zclconf/go-cty from 1.16.3 to\n 1.16.4 by @dependabot[bot] in #2145\n * build: update helm to v3.18.6 by @yxxhero in #2144\n * build(deps): bump github.com/stretchr/testify from 1.10.0 to\n 1.11.0 by @dependabot[bot] in #2150\n * Add missing --timeout flag to helmfile sync command with\n documentation by @Copilot in #2148\n * Fix enableDNS flag missing in diff command and refactor\n duplicate logic by @Copilot in #2147\n * build(deps): bump github.com/stretchr/testify from 1.11.0 to\n 1.11.1 by @dependabot[bot] in #2151\n * build(deps): bump github.com/ulikunitz/xz from 0.5.10 to 0.5.14\n by @dependabot[bot] in #2154\n * Bump github.com/ulikunitz/xz from v0.5.14 to v0.5.15 by @Copilot\n in #2159\n * build(deps): bump github.com/helmfile/vals from 0.42.0 to\n 0.42.1 by @dependabot[bot] in #2161\n * build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.9\n by @dependabot[bot] in #2160\n * build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1\n by @dependabot[bot] in #2162\n * Fix error propagation in helmfile diff when Kubernetes is\n unreachable by @Copilot in #2149\n\n- Update to version 1.1.5:\n What\u0027s Changed\n * build(deps): bump actions/checkout from 4 to 5 by\n @dependabot[bot] in #2128\n * Update recommended Helm versions in init.go and run.sh by\n @yxxhero in #2129\n * Add comprehensive .github/copilot-instructions.md for coding\n agents by @Copilot in #2131\n * refactor(state): extract getMissingFileHandler method for\n clarity by @yxxhero in #2133\n * Fix parseHelmVersion to handle helm versions without \u0027v\u0027\n prefix by @Copilot in #2132\n * build(deps): bump k8s.io/apimachinery from 0.33.3 to 0.33.4\n by @dependabot[bot] in #2136\n * build(deps): bump github.com/helmfile/chartify from 0.24.6 to\n 0.24.7 by @dependabot[bot] in #2135\n\n- Update to version 1.1.4:\n What\u0027s Changed\n * build(deps): bump github.com/helmfile/vals from 0.41.2 to\n 0.41.3 by @dependabot[bot] in #2100\n * build(deps): bump k8s.io/apimachinery from 0.33.2 to 0.33.3\n by @dependabot[bot] in #2101\n * fix: update Helm version to v3.17.4 in CI and init.go by\n @yxxhero in #2102\n * build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7\n by @dependabot[bot] in #2104\n * feat(state): add missingFileHandlerConfig and related logic\n by @yxxhero in #2105\n * refactor(filesystem): add CopyDir method and optimize Fetch\n function by @yxxhero in #2111\n * Allow caching of remote files to be disabled by @jess-sol in\n #2112\n * refactor(yaml): switch yaml library import paths from gopkg.in\n to go.yaml.in by @yxxhero in #2114\n * build(deps): bump actions/download-artifact from 4 to 5 by\n @dependabot[bot] in #2121\n * build(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 by\n @dependabot[bot] in #2123\n\n- Update to version 1.1.3:\n What\u0027s Changed\n * build: update Helm to v3.18.3 and related dependencies by\n @yxxhero in #2082\n * Expose release version as .Release.ChartVersion for templating\n by @Simske in #2080\n * build(deps): bump github.com/helmfile/chartify from 0.24.3 to\n 0.24.4 by @dependabot[bot] in #2083\n * build(deps): bump k8s.io/apimachinery from 0.33.1 to 0.33.2\n by @dependabot[bot] in #2086\n * build(deps): bump github.com/helmfile/chartify from 0.24.4 to\n 0.24.5 by @dependabot[bot] in #2087\n * build(deps): bump github.com/Masterminds/semver/v3 from 3.3.1\n to 3.4.0 by @dependabot[bot] in #2089\n * build(deps): bump github.com/hashicorp/hcl/v2 from 2.23.0 to\n 2.24.0 by @dependabot[bot] in #2092\n * build: update Helm and plugin versions to v3.18.4 and v3.12.3\n by @yxxhero in #2093\n * docs: update status section with May 2025 release information\n by @yxxhero in #2096\n * build(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 by\n @dependabot[bot] in #2099\n * build(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 by\n @dependabot[bot] in #2098\n\n- Update to version 1.1.2:\n What\u0027s Changed\n * build(deps): bump github.com/helmfile/chartify from 0.24.2 to\n 0.24.3 by @dependabot in #2065\n * build: update Helm to v3.18.2 and adjust related configurations\n by @yxxhero in #2064\n * build(deps): bump github.com/helmfile/vals from 0.41.1 to\n 0.41.2 by @dependabot in #2067\n * build(deps): bump golang.org/x/sync from 0.14.0 to 0.15.0\n by @dependabot in #2068\n * fix-insecure-flag by @anontrex in #2072\n * build(deps): bump github.com/cloudflare/circl from 1.4.0 to\n 1.6.1 by @dependabot in #2074\n * fix: update helm-diff to version 3.12.2 in CI and Dockerfiles\n by @yxxhero in #2073\n * fix: TestToYaml not working with 32-bit architectures by\n @ProbstDJakob in #2075\n\n- Update to version 1.1.1:\n What\u0027s Changed\n * Update README.md by @mumoshu in #2046\n * build(deps): bump github.com/helmfile/vals from 0.41.0 to\n 0.41.1 by @dependabot in #2048\n * build(helm) update to v3.18.0 by @yxxhero in #2044\n * build(deps): bump github.com/helmfile/chartify from 0.23.0 to\n 0.24.1 by @dependabot in #2049\n * build: update Helm and plugin versions in CI and Dockerfiles\n by @yxxhero in #2059\n\n- Update to version 1.1.0:\n What\u0027s Changed\n * chore: fix typo in create_test.go by @sadikkuzu in #2025\n * build(deps): bump golangci/golangci-lint-action from 7 to 8 by\n @dependabot in #2029\n * build(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 by\n @dependabot in #2028\n * build(deps): bump github.com/helmfile/chartify from 0.22.0 to\n 0.23.0 by @dependabot in #2027\n * chore: remove test data files by @yxxhero in #2026\n * build(deps): bump golang.org/x/term from 0.31.0 to 0.32.0 by\n @dependabot in #2033\n * build(deps): bump github.com/helmfile/vals from 0.40.1 to\n 0.41.0 by @dependabot in #2032\n * build(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 by\n @dependabot in #2035\n * feat(tmpl): enhance ToYaml test with multiple scenarios by\n @yxxhero in #2031\n * [sops, age] update to have SSH key support with sops by\n @itscaro in #2036\n * feat(yaml): add JSON style encoding option to NewEncoder by\n @yxxhero in #2038\n * refactor(yaml): upgrade from gopkg.in/yaml.v2 to v3 by @yxxhero\n in #2039\n * Update readme \u0026 documentation with 2025 status of helmfile\n project by @zhaque44 in #2040\n * build(deps): bump k8s.io/apimachinery from 0.33.0 to 0.33.1 by\n @dependabot in #2041\n * build(deps): bump github.com/zclconf/go-cty from 1.16.2 to\n 1.16.3 by @dependabot in #2043\n\n- Update to version 1.0.0:\n PLEASE READ\n https://github.com/helmfile/helmfile/blob/main/docs/proposals/towards-1.0.md\n\n What\u0027s Changed:\n * build(deps): bump github.com/helmfile/vals from 0.39.0 to 0.39.1\n by @dependabot in #1926\n * Bump kubectl to current version (1.32.1) by @DerDaku in #1924\n * build(deps): bump github.com/goccy/go-yaml from 1.15.21 to 1.15.22\n by @dependabot in #1925\n * build: update Helm to v3.17.1 and related dependencies by\n @yxxhero in #1928\n * build(deps): bump k8s.io/apimachinery from 0.32.1 to 0.32.2 by\n @dependabot in #1931\n * feat: inject cli state values (--state-values-set) into environment\n templating context by @Vince-Chenal in #1917\n * docs: add skipSchemaValidation to index.md and update related\n structs by @yxxhero in #1935\n * refactor(state): optimize HelmState flags handling by @yxxhero\n in #1937\n * Update vals package to v0.39.2 by @aditmeno in #1938\n * build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by\n @dependabot in #1940\n * build(deps): bump github.com/goccy/go-yaml from 1.15.22 to 1.15.23\n by @dependabot in #1941\n * build(deps): bump github.com/helmfile/chartify from 0.20.8 to\n 0.20.9 by @dependabot in #1942\n * feat: colorized DELETED by @yurrriq in #1944\n * feat(docs): add proposal to remove charts and delete subcommands\n by @yxxhero in #1936\n * build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0\n by @dependabot in #1945\n * build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to\n 4.0.5 by @dependabot in #1946\n * build: update golang version to 1.24 and golangci-lint to\n v1.64.5 by @yxxhero in #1949\n * build(deps): bump github.com/helmfile/vals from 0.39.2 to 0.39.3\n by @dependabot in #1951\n * build(deps): bump github.com/helmfile/chartify from 0.20.9 to\n 0.21.0 by @dependabot in #1950\n * build(deps): bump golang.org/x/sync from 0.11.0 to 0.12.0 by\n @dependabot in #1955\n * build(deps): bump jinja2 from 3.1.5 to 3.1.6 in /docs by\n @dependabot in #1956\n * Don\u0027t warn if this and the needed release set installed: false\n by @jayme-github in #1958\n * build(deps): bump golang.org/x/term from 0.29.0 to 0.30.0 by\n @dependabot in #1959\n * Remove all v0.x references by @yxxhero in #1919\n * build(deps): bump k8s.io/apimachinery from 0.32.2 to 0.32.3\n by @dependabot in #1960\n * build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0 by\n @dependabot in #1961\n * build(deps): bump github.com/helmfile/vals from 0.39.3 to 0.39.4\n by @dependabot in #1962\n * build: update Helm to v3.17.2 and related dependencies by\n @yxxhero in #1965\n * build: update yaml.v3 dependency and remove colega/go-yaml-yaml\n by @yxxhero in #1929\n * build(deps): bump github.com/containerd/containerd from 1.7.24\n to 1.7.27 by @dependabot in #1966\n * build(deps): bump github.com/goccy/go-yaml from 1.15.23 to\n 1.16.0 by @dependabot in #1967\n * build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to\n 5.2.2 by @dependabot in #1969\n * build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to\n 4.5.2 by @dependabot in #1970\n * build(deps): bump golangci/golangci-lint-action from 6 to 7\n by @dependabot in #1975\n * build(deps): bump github.com/helmfile/vals from 0.39.4 to\n 0.40.0 by @dependabot in #1978\n * build(deps): bump github.com/helmfile/chartify from 0.21.0 to\n 0.21.1 by @dependabot in #1979\n * docs(fix): correct typo in \u0027tier=fronted\u0027 to \u0027tier=frontend\u0027\n by @yxxhero in #1980\n * feat: add labels for helm release by @yxxhero in #1046\n * build(deps): bump github.com/helmfile/vals from 0.40.0 to\n 0.40.1 by @dependabot in #1981\n * build(deps): bump github.com/goccy/go-yaml from 1.16.0 to 1.17.1\n by @dependabot in #1982\n * fix: Check needs with context and namespace by @aarnq in #1986\n * build(deps): bump golang.org/x/sync from 0.12.0 to 0.13.0 by\n @dependabot in #1991\n * build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0 by\n @dependabot in #1990\n * fix(state): enhance error message for missing .gotmpl extension\n in helmfile v1 by @yxxhero in #1989\n * build(deps): bump github.com/helmfile/chartify from 0.21.1 to\n 0.22.0 by @dependabot in #1996\n * build: update Helm plugin versions in CI and Dockerfiles by\n @yxxhero in #1995\n * build: update Helm to v3.17.3 and update related Dockerfiles\n by @yxxhero in #1993\n * build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by\n @dependabot in #2010\n * feat: add helmfile archive configuration in goreleaser by\n @yxxhero in #2000\n * docs: add more complex examples section in README by @yxxhero\n in #2013\n * Feat: setting reuseValues flag in release by @blaskoa in #2004\n * build(deps): bump k8s.io/apimachinery from 0.32.3 to 0.32.4 by\n @dependabot in #2016\n * build(deps): bump github.com/aws/aws-sdk-go from 1.55.6 to\n 1.55.7 by @dependabot in #2015\n * chore: support parsing any type with fromYaml by @ProbstDJakob\n in #2017\n * build(deps): bump k8s.io/apimachinery from 0.32.4 to 0.33.0 by\n @dependabot in #2018\n * feat: add --take-ownership flag to helm diff and related config\n by @yxxhero in #1992\n\n- Update to version 0.171.0:\n * feat: execute templates against postRendererHooks by @allanger\n in #1839\n * build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6\n by @dependabot in #1897\n * build(deps): bump github.com/goccy/go-yaml from 1.15.15 to\n 1.15.16 by @dependabot in #1901\n * build(deps): bump github.com/goccy/go-yaml from 1.15.16 to\n 1.15.17 by @dependabot in #1905\n * Use a regex to match --state-values-set-string arguments\n by @gllb in #1902\n * build(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0\n by @dependabot in #1911\n * Chartify v0.20.8 update by @scodeman in #1908\n * cleanup: remove all about v0.x by @yxxhero in #1903\n * build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0\n by @dependabot in #1913\n * chore: update babel to resolve CVEs by @zhaque44 in #1916\n * remove deprecated charts.yaml by @yxxhero in #1437\n * Revert \"cleanup: remove all about v0.x\" by @yxxhero in #1918\n * build(deps): bump github.com/goccy/go-yaml from 1.15.17 to\n 1.15.19 by @dependabot in #1920\n * build(deps): bump github.com/goccy/go-yaml from 1.15.19 to\n 1.15.20 by @dependabot in #1921\n * feat: Add support for --wait-retries flag. by @connyay in #1922\n * build: update go-yaml to v1.15.21 by @yxxhero in #1923\n\n- Update to version 0.170.1:\n * build(deps): bump github.com/goccy/go-yaml from 1.15.14 to\n 1.15.15 by @dependabot in #1882\n * build(deps): bump github.com/hashicorp/go-slug from 0.15.0 to\n 0.16.3 by @dependabot in #1886 (CVE-2025-0377)\n * Ensure \u0027helm repo add\u0027 is also not pollute on helmfile template\n by @baurmatt in #1887\n * build(deps): bump github.com/zclconf/go-cty from 1.16.1 to\n 1.16.2 by @dependabot in #1888\n * fix: using correct option for takeOwnership flag by @blaskoa\n in #1892\n * fix typo in docs by @adamab48 in #1889\n\n- Update to version 0.170.0:\n * build(deps): bump github.com/goccy/go-yaml from 1.15.6 to 1.15.7\n by @dependabot in #1818\n * build(deps): bump golang.org/x/term from 0.26.0 to 0.27.0 by\n @dependabot in #1817\n * chore(doc): fix the indent of the selector usage sample yaml by\n @Ladicle in #1819\n * feat(state): add support for setString in ReleaseSpec and\n HelmState by @yxxhero in #1821\n * build(deps): bump github.com/goccy/go-yaml from 1.15.7 to 1.15.8\n by @dependabot in #1822\n * test(state): add TestHelmState_setStringFlags for setStringFlags\n method by @yxxhero in #1823\n * build(deps): bump k8s.io/apimachinery from 0.31.3 to 0.31.4 by\n @dependabot in #1826\n * build(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 by\n @dependabot in #1828\n * build(deps): bump github.com/goccy/go-yaml from 1.15.8 to\n 1.15.9 by @dependabot in #1831\n * build(deps): bump k8s.io/apimachinery from 0.31.4 to 0.32.0 by\n @dependabot in #1830\n * feat: updating sops version to 3.9.2 by @zhaque44 in #1834\n * build(deps): bump github.com/goccy/go-yaml from 1.15.9 to\n 1.15.10 by @dependabot in #1835\n * build(deps): bump helm.sh/helm/v3 from 3.16.3 to 3.16.4 by\n @dependabot in #1836\n * build: update Helm version to v3.16.4 in CI and Dockerfiles by\n @yxxhero in #1837\n * build(deps): bump github.com/goccy/go-yaml from 1.15.10 to\n 1.15.11 by @dependabot in #1838\n * build(deps): bump filippo.io/age from 1.2.0 to 1.2.1 by\n @dependabot in #1840\n * build(deps): bump github.com/goccy/go-yaml from 1.15.11 to\n 1.15.12 by @dependabot in #1843\n * build: update helm-diff to v3.9.13 in Dockerfiles and init.go\n by @yxxhero in #1841\n * build(deps): bump github.com/helmfile/chartify from 0.20.4 to\n 0.20.5 by @dependabot in #1845\n * build(deps): bump github.com/goccy/go-yaml from 1.15.12 to\n 1.15.13 by @dependabot in #1844\n * build(deps): bump jinja2 from 3.1.4 to 3.1.5 in /docs by\n @dependabot in #1846\n * CVE-2024-45338: updating golang.org/x/net: to version: v0.33.0\n by @zhaque44 in #1849\n * build(deps): bump github.com/zclconf/go-cty from 1.15.1 to\n 1.16.0 by @dependabot in #1851\n * build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0\n by @dependabot in #1852\n * update sops versions to 3.9.3 by @zhaque44 in #1861\n * build(deps): bump github.com/hashicorp/go-getter from 1.7.6\n to 1.7.7 by @dependabot in #1862\n * feat: add --take-ownership flag to apply and sync commands by\n @yxxhero in #1863\n * fix: ensure plain http is supported across all helmfile\n commands by @purpleclay in #1858\n * fix: ensure development versions of charts can be used across\n helmfile commands by @purpleclay in #1865\n * build(deps): bump github.com/helmfile/chartify from 0.20.5 to\n 0.20.6 by @dependabot in #1866\n * update kubectl version (1.30) to stay up to date with new\n releases by @zhaque44 in #1867\n * build(deps): bump github.com/zclconf/go-cty from 1.16.0 to\n 1.16.1 by @dependabot in #1870\n * build(deps): bump github.com/hashicorp/go-getter from 1.7.7 to\n 1.7.8 by @dependabot in #1869\n * feat: Add \"--no-hooks\" to helmfile template by @jwlai in #1813\n * update helm and k8s versions in ci, dockerfiles, and go.mod by\n @yxxhero in #1872\n * build(deps): bump github.com/helmfile/vals from 0.38.0 to 0.39.0\n by @dependabot in #1876\n * build(deps): bump k8s.io/apimachinery from 0.32.0 to 0.32.1 by\n @dependabot in #1873\n * build(deps): bump github.com/goccy/go-yaml from 1.15.13 to\n 1.15.14 by @dependabot in #1874\n * build: update helm-diff to v3.9.14 in Dockerfiles and init.go\n by @yxxhero in #1877\n\n- Update to version 0.169.2:\n * build(deps): bump github.com/helmfile/vals from 0.37.6 to 0.37.7\n by @dependabot in #1747\n * build(deps): bump k8s.io/apimachinery from 0.31.1 to 0.31.2 by\n @dependabot in #1754\n * Reset extra args before running \u0027dependency build\u0027 by @baurmatt\n in #1751\n * Introducing Helmfile Guru on Gurubase.io by @kursataktas in #1748\n * feat: add skip json schema validation during the install /upgrade\n of a Chart by @zhaque44 in #1737\n * fix(maputil): prevent nil value overwrite by @ban11111 in #1755\n * build(deps): bump github.com/goccy/go-yaml from 1.12.0 to\n 1.13.0 by @dependabot in #1759\n * fix: this url doesn\u0027t work anymore by @zekena2 in #1760\n * build(deps): bump github.com/goccy/go-yaml from 1.13.0 to\n 1.13.1 by @dependabot in #1762\n * build(deps): bump github.com/goccy/go-yaml from 1.13.1 to\n 1.13.2 by @dependabot in #1763\n * build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to\n 4.5.1 by @dependabot in #1767\n * build(deps): bump github.com/helmfile/vals from 0.37.7 to\n 0.37.8 by @dependabot in #1764\n * build(deps): bump github.com/goccy/go-yaml from 1.13.2 to\n 1.13.4 by @dependabot in #1765\n * fix(integration-tests): read correct minikube status (#1768)\n by @ceriath in #1769\n * build(deps): bump github.com/goccy/go-yaml from 1.13.4 to\n 1.13.5 by @dependabot in #1770\n * Add integration tests for #1749 by @baurmatt in #1766\n * fix: update acme chart URL in input.yaml by @yxxhero in #1773\n * build(deps): bump github.com/goccy/go-yaml from 1.13.5 to\n 1.13.6 by @dependabot in #1771\n * build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0 by\n @dependabot in #1775\n * build(deps): bump golang.org/x/term from 0.25.0 to 0.26.0\n by @dependabot in #1774\n * Revive dead badge links by @eggplants in #1776\n * feat: refactor label creation in state.go by @yxxhero in #1758\n * docs: Add Gurubase badge to README-zh_CN by @yxxhero in #1777\n * build(deps): bump github.com/goccy/go-yaml from 1.13.6 to\n 1.13.9 by @dependabot in #1781\n * build(deps): bump github.com/goccy/go-yaml from 1.13.9 to\n 1.14.0 by @dependabot in #1782\n * build(deps): bump github.com/goccy/go-yaml from 1.14.0 to\n 1.14.3 by @dependabot in #1788\n * build(deps): bump helm.sh/helm/v3 from 3.16.2 to 3.16.3 by\n @dependabot in #1786\n * fix: update helm-diff to version 3.9.12 in CI and Dockerfiles\n by @yxxhero in #1792\n * build: update Helm version to v3.16.3 in CI and Dockerfiles\n by @yxxhero in #1791\n * feat: add HELMFILE_INTERACTIVE env var to enable interactive\n mode by @thevops in #1787\n * build(deps): bump github.com/hashicorp/hcl/v2 from 2.22.0 to\n 2.23.0 by @dependabot in #1793\n * build(deps): bump github.com/Masterminds/semver/v3 from 3.3.0\n to 3.3.1 by @dependabot in #1795\n * chore: update with testify/assert assertion and table driven\n tests for fs.go by @zhaque44 in #1794\n * build(deps): bump k8s.io/apimachinery from 0.31.2 to 0.31.3\n by @dependabot in #1798\n * build(deps): bump github.com/stretchr/testify from 1.9.0 to\n 1.10.0 by @dependabot in #1800\n * build(deps): bump github.com/goccy/go-yaml from 1.14.3 to\n 1.15.0 by @dependabot in #1804\n * build(deps): bump github.com/goccy/go-yaml from 1.15.0 to\n 1.15.1 by @dependabot in #1807\n * build(deps): bump github.com/zclconf/go-cty from 1.15.0 to\n 1.15.1 by @dependabot in #1806\n * update example chart URL in remote-secrets doc by @daveneeley\n in #1809\n * build(deps): bump github.com/goccy/go-yaml from 1.15.1 to\n 1.15.3 by @dependabot in #1811\n * build(deps): bump github.com/goccy/go-yaml from 1.15.3 to\n 1.15.6 by @dependabot in #1812\n * fix: inject global values in Chartify by @xabufr in #1805\n * build(deps): bump github.com/helmfile/vals from 0.37.8 to\n 0.38.0 by @dependabot in #1814\n * build(deps): bump github.com/helmfile/chartify from 0.20.3 to\n 0.20.4 by @dependabot in #1815\n * build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0 by\n @dependabot in #1816\n\n- Update to version 0.169.1:\n * feat: update sops version to 3.9.1 by @zhaque44 in #1742\n * chore: improve test assertions and descriptions for file\n download test by @zhaque44 in #1745\n * feat: add \u0027hide-notes\u0027 flag to helm in sync and apply commands\n by @yxxhero in #1746\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-30",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025-20097-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0377 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0377/"
}
],
"title": "Security update for helmfile",
"tracking": {
"current_release_date": "2025-11-26T14:11:10Z",
"generator": {
"date": "2025-11-26T14:11:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025-20097-1",
"initial_release_date": "2025-11-26T14:11:10Z",
"revision_history": [
{
"date": "2025-11-26T14:11:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helmfile-0.169.0-bp160.1.13.aarch64",
"product": {
"name": "helmfile-0.169.0-bp160.1.13.aarch64",
"product_id": "helmfile-0.169.0-bp160.1.13.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"product": {
"name": "helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"product_id": "helmfile-bash-completion-0.169.0-bp160.1.13.noarch"
}
},
{
"category": "product_version",
"name": "helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"product": {
"name": "helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"product_id": "helmfile-fish-completion-0.169.0-bp160.1.13.noarch"
}
},
{
"category": "product_version",
"name": "helmfile-zsh-completion-0.169.0-bp160.1.13.noarch",
"product": {
"name": "helmfile-zsh-completion-0.169.0-bp160.1.13.noarch",
"product_id": "helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helmfile-0.169.0-bp160.1.13.ppc64le",
"product": {
"name": "helmfile-0.169.0-bp160.1.13.ppc64le",
"product_id": "helmfile-0.169.0-bp160.1.13.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helmfile-0.169.0-bp160.1.13.s390x",
"product": {
"name": "helmfile-0.169.0-bp160.1.13.s390x",
"product_id": "helmfile-0.169.0-bp160.1.13.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helmfile-0.169.0-bp160.1.13.x86_64",
"product": {
"name": "helmfile-0.169.0-bp160.1.13.x86_64",
"product_id": "helmfile-0.169.0-bp160.1.13.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-0.169.0-bp160.1.13.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.aarch64"
},
"product_reference": "helmfile-0.169.0-bp160.1.13.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-0.169.0-bp160.1.13.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.ppc64le"
},
"product_reference": "helmfile-0.169.0-bp160.1.13.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-0.169.0-bp160.1.13.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.s390x"
},
"product_reference": "helmfile-0.169.0-bp160.1.13.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-0.169.0-bp160.1.13.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.x86_64"
},
"product_reference": "helmfile-0.169.0-bp160.1.13.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-bash-completion-0.169.0-bp160.1.13.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-bash-completion-0.169.0-bp160.1.13.noarch"
},
"product_reference": "helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-fish-completion-0.169.0-bp160.1.13.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-fish-completion-0.169.0-bp160.1.13.noarch"
},
"product_reference": "helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helmfile-zsh-completion-0.169.0-bp160.1.13.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
},
"product_reference": "helmfile-zsh-completion-0.169.0-bp160.1.13.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.aarch64",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.ppc64le",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.s390x",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.x86_64",
"openSUSE Leap 16.0:helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.aarch64",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.ppc64le",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.s390x",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.x86_64",
"openSUSE Leap 16.0:helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.aarch64",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.ppc64le",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.s390x",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.x86_64",
"openSUSE Leap 16.0:helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T14:11:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-0377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0377"
}
],
"notes": [
{
"category": "general",
"text": "HashiCorp\u0027s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.aarch64",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.ppc64le",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.s390x",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.x86_64",
"openSUSE Leap 16.0:helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0377",
"url": "https://www.suse.com/security/cve/CVE-2025-0377"
},
{
"category": "external",
"summary": "SUSE Bug 1236209 for CVE-2025-0377",
"url": "https://bugzilla.suse.com/1236209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.aarch64",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.ppc64le",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.s390x",
"openSUSE Leap 16.0:helmfile-0.169.0-bp160.1.13.x86_64",
"openSUSE Leap 16.0:helmfile-bash-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-fish-completion-0.169.0-bp160.1.13.noarch",
"openSUSE Leap 16.0:helmfile-zsh-completion-0.169.0-bp160.1.13.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T14:11:10Z",
"details": "important"
}
],
"title": "CVE-2025-0377"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…