SUSE: 2023:4124-1 Important: Helm Security Fix Moderate Threat

suse

October 19, 2023

* bsc#1183043 * bsc#1215588 * bsc#1215711 Cross-References:

Summary

## This update for helm fixes the following issues: helm was updated to version 3.13.1: * Fixing precedence issue with the import of values. * Add missing with clause to release gh action * FIX Default ServiceAccount yaml * fix(registry): unswallow error * remove useless print during prepareUpgrade * fix(registry): address anonymous pull issue * Fix missing run statement on release action * Write latest version to get.helm.sh bucket * Increased release information key name max length. helm was updated to version 3.13.0 (bsc#1215588): * Fix leaking goroutines in Install * Update Helm to use k8s 1.28.2 libraries * make the dependabot k8s.io group explicit * use dependabot's group support for k8s.io dependencies * doc:Executing helm rollback release 0 will roll back to the previous release

Topics Covered

security advisory critical issue important threat mitigation SUSE Linux helm container module

References

* bsc#1183043

* bsc#1215588

* bsc#1215711

Cross-

* CVE-2022-41723

* CVE-2023-25173

CVSS scores:

* CVE-2022-41723 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-41723 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-25173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

* CVE-2023-25173 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* Containers Module 15-SP4

* Containers Module 15-SP5

* SUSE Enterprise Storage 7.1

* SUSE Linux Enterprise Desktop 15 SP4

* SUSE Linux Enterprise Desktop 15 SP5

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise High Performance Computing 15 SP4

* SUSE Linux Enterprise High Performance Computing 15 SP5

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2023:4124-1

Rating: important

Topics Covered

security advisory critical issue important threat mitigation SUSE Linux helm container module

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE: 2023:4124-1 Important: Helm Security Fix Moderate Threat

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE: 2023:4124-1 Important: Helm Security Fix Moderate Threat

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!