Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

openSUSE Leap 16.0 Hauler Receives Important Update for CVE-2026-24122

opensuse
Calendar Grey May 4, 2026
Dist Opensuse Esm H88
Fix for a moderate issue in openSUSE hauler with CVE-2026-24122. Includes steps for installation and update.
An update that solves one vulnerability and has one bug fix can now be installed.

Description

This update for hauler fixes the following issues:

Changes in hauler:

- update to 1.4.2 (bsc#1258614, CVE-2026-24122):

* Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to

2.3.1 in the go_modules group across 1 directory

* fix for new helm chart features

* Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 in the

go_modules group across 1 directory

* Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 in

the go_modules group across 1 directory

* Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to

2.4.1 in the go_modules group across 1 directory

* update cosign fork to 3.0.4 plus dep tidy

* fix: Fix file:// dependency chart path resolution

* update github.com/olekukonko/tablewriter to v1.1.2

* keep registry on image rewrite if not specified

* Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to

2.4.1 in the go_modules group across 1 directory

* fix: handling of file referenced dependencies without

repository...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

hauler-1.4.2-bp160.1.1

References

* bsc#1258614

References:

* https://www.suse.com/security/cve/CVE-2026-24122.html

Announcement ID: openSUSE-SU-2026:20662-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here