- update to 4.1.4 (CVE-2026-35204, CVE-2026-35205, CVE-2026-35206):
  Helm v4.1.4 is a security fix patch release. Users are encouraged
  to upgrade for the best experience.
  * Security fixes
    - GHSA-hr2v-4r36-88hr Helm Chart extraction output directory
      collapse via Chart.yaml name dot-segment
    - GHSA-q5jf-9vfq-h4h7 Plugin verification fails open when .prov
      is missing, allowing unsigned plugin install
    - GHSA-vmx8-mqv2-9gmg Path traversal in plugin metadata version
      enables arbitrary file write outside Helm plugin directory
  * Changelog
    - fix: Plugin missing provenance bypass 05fa379 (George
      Jenkins)
    - fix: Chart dot-name path bug 4e7994d (George Jenkins)
    - ignore error plugin loads (cli, getter) 2581943 (George
      Jenkins)
    - fix: Plugin version path traversal 36c8539 (George Jenkins)
    - fix: pin codeql-action/upload-sarif to commit SHA in
      scorecards workflow c61e086 (Terry Howe)
OBS-URL: https://build.opensuse.org/request/show/1345702
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/helm?expand=0&rev=100