SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-602

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-602

Security update for helm

Type: security

Severity: important

Issued: 2025-02-20

Description:

This update for helm fixes the following issues:

Update to version 3.17.1:

- CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content (bsc#1235318).
- CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent authorization bypass in golang.org/x/crypto (bsc#1234482).

References

Packages

helm-3.17.1-150000.1.41.1