Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 536
Alerts This Week
Warning Icon 1 536

Fedora 37: FEDORA-2023-c9b2182a4e Critical: Helm Denial of Service

fedora
Calendar Grey February 23, 2023
Scroller Fedora
The latest Helm upgrade addresses significant vulnerabilities in Fedora 37, tackling several Denial of Service risks.
Update helm to 3.11.1, resolving multiple security issues

Summary

Pretty print trees in Go.

Update helm to 3.11.1, resolving multiple security issues

* Tue Feb 21 2023 Davide Cavalca - 0.1.0-1

- Initial import; Fixes: RHBZ#2172236

[ 1 ] Bug #1971029 - Cannot build for s390x due to missing dependency

https://bugzilla.redhat.com/show_bug.cgi?id=1971029

[ 2 ] Bug #1971091 - Test failures on 32bit arches

https://bugzilla.redhat.com/show_bug.cgi?id=1971091

[ 3 ] Bug #1977738 - golang-helm-3-3.11.1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1977738

[ 4 ] Bug #2045644 - golang-helm-3: FTBFS in Fedora rawhide/f36

https://bugzilla.redhat.com/show_bug.cgi?id=2045644

[ 5 ] Bug #2097975 - CVE-2022-1996 golang-helm-3: go-restful: Authorization Bypass Through User-Controlled Key [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2097975

[ 6 ] Bug #2138841 - F38FailsToInstall: golang-helm-3-devel

https://bugzilla.redhat.com/show_bug.cgi?id=2138841

[ 7 ] Bug #2142198 - F37FailsToInstall: golang-helm-3-devel

https://bugzilla.redhat.com/show_bug.cgi?id=2142198

[ 8 ] Bug #2142210 - F36FailsToInstall: golang-helm-3-devel

https://bugzilla.redhat.com/show_bug.cgi?id=2142210

[ 9 ] Bug #2155938 - CVE-2022-23526 golang-helm-3: helm: Denial of service through schema file [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2155938

[ 10 ] Bug #2155939 - CVE-2022-23524 golang-helm-3: helm: Denial of service through string value parsing [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2155939

[ 11 ] Bug #2163231 - CVE-2022-41717 golang-helm-3: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2163231

su -c 'dnf upgrade --advisory FEDORA-2023-c9b2182a4e' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 37
Version: 0.1.0
Release: 1.fc37
Summary: Pretty print trees in Go

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.