Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

openSUSE Flannel Important Security Fix Advisory 2026-0239-1

opensuse
Calendar Grey July 10, 2026
Dist Opensuse Esm H88
An important update to openSUSE flannel addresses critical issues to enhance security. Learn about the flaws and fixes.
An update that fixes two vulnerabilities is now available.

Description

This update for flannel fixes the following issues:

- Update to version 0.28.7:

* prepare for release v0.28.7 (#2485)

* fix: use install-conf in chart (#2484)

* fix: use semver tag type in Docker meta to support release events

(#2483)

* build(deps): bump github/codeql-action/upload-sarif (#2480)

* build(deps): bump golang.org/x/net from 0.54.0 to 0.55.0 (#2473), fix

for CVE-2026-33814 (boo#1265780) and CVE-2026-39821 (boo#1266620)

* build(deps): bump docker/build-push-action from 7.2.0 to 7.3.0 (#2479)

* build(deps): bump golangci/golangci-lint-action from 9.2.1 to 9.3.0

(#2478)

* build(deps): bump docker/metadata-action from 6.1.0 to 6.2.0 (#2476)

* build(deps): bump the tencent group with 2 updates (#2475)

* build(deps): bump the etcd group with 4 updates (#2474)

* fix: skip invalid CIDRs in subnet file readers (#2454)

* subnet/etcd: recover subnet watch from compaction (#2471)

* Bump the...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-239=1

Package List

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

flannel-0.28.7-bp157.2.12.1

- openSUSE Backports SLE-15-SP7 (noarch):

flannel-k8s-yaml-0.28.7-bp157.2.12.1

References

https://www.suse.com/security/cve/CVE-2026-33814.html

https://www.suse.com/security/cve/CVE-2026-39821.html

https://bugzilla.suse.com/1265780

https://bugzilla.suse.com/1266620

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0239-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.