This update for hauler fixes the following issues:
Changes in hauler:
- update to 1.4.2 (bsc#1258614, CVE-2026-24122):
* Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to
2.3.1 in the go_modules group across 1 directory
* fix for new helm chart features
* Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 in the
go_modules group across 1 directory
* Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 in
the go_modules group across 1 directory
* Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to
2.4.1 in the go_modules group across 1 directory
* update cosign fork to 3.0.4 plus dep tidy
* fix: Fix file:// dependency chart path resolution
* update github.com/olekukonko/tablewriter to v1.1.2
* keep registry on image rewrite if not specified
* Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to
2.4.1 in the go_modules group across 1 directory
* fix: handling of file referenced dependencies without
repository...
Read the Full Advisory- openSUSE Leap 16.0:
hauler-1.4.2-bp160.1.1
* bsc#1258614
References:
* https://www.suse.com/security/cve/CVE-2026-24122.html
Get the latest Linux and open source security news straight to your inbox.