Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE Linux Micro 6.1: 2025:20278-1 important: helm security update

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
Crucial helm enhancements focusing on fortification and reliability in SUSE Linux Micro to guarantee robust defense against vulnerabilities.
* bsc#1219969 * bsc#1220207 * bsc#1234482 * bsc#1235318 * bsc#1238688

Summary

## This update for helm fixes the following issues: * Update to version 3.17.2 (bsc#1238688, CVE-2025-22870): * Updating to 0.37.0 for x/net * build(deps): bump the k8s-io group with 7 updates * Update to version 3.17.1: * merge null child chart objects * build(deps): bump the k8s-io group with 7 updates * fix: check group for resource info match * Update to 3.17.0 (bsc#1235318, CVE-2024-45338): Full changelog: https://github.com/helm/helm/releases/tag/v3.17.0 * Notable Changes * Allow pulling and installation by OCI digest * Annotations and dependencies are now in chart metadata output * New --take-ownership flag for install and upgrade commands * SDK: Authorizer and registry authorizer are now configurable * Removed the Kubernetes configuration file permissions check

Topics%20covered

Topics Covered

security advisory update important SUSE boost helm

References

* bsc#1219969

* bsc#1220207

* bsc#1234482

* bsc#1235318

* bsc#1238688

Cross-

* CVE-2024-25620

* CVE-2024-26147

* CVE-2024-45337

* CVE-2024-45338

* CVE-2025-22870

CVSS scores:

* CVE-2024-25620 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

* CVE-2024-25620 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

* CVE-2024-25620 ( NVD ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

* CVE-2024-26147 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-26147 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-26147 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-45337 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-45337 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20278-1
Release Date: 2025-04-22T13:48:50Z
Rating: important

Topics%20covered

Topics Covered

security advisory update important SUSE boost helm

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here