folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

helm: update version 3.13.2 -> 3.14.0 to address CVE-2023-44487 (#7419) 

AUTO-CHERRYPICK of PR: #7359 

Changelog: https://github.com/helm/helm/releases/tag/v3.14.0
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
This commit is contained in:
CBL-Mariner-Bot 2024-01-23 22:41:42 -08:00 committed by GitHub
parent 680c185448
commit bdd30f7fbf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
SPECS/helm/helm.signatures.json
View File

@ -1,6 +1,6 @@
{
"Signatures": {
"helm-3.13.2-vendor.tar.gz": "0b832480c492ca47190d8ad36953e20447b4276f3f4fa7a1d3ec4aca4db1d036",
"helm-3.13.2.tar.gz": "f67a5af5a08d9aec06c46c6eade8e742d3bb9cc6df195fd825deb48df9eb9c0b"
"helm-3.14.0-vendor.tar.gz": "1118bf4d91fb175a66d523e419e820d06e6eda4d654e6d3b78e77cab5304c98f",
"helm-3.14.0.tar.gz": "8897a9cf1733b4fc96630bbd677a3c884209afc974b630ecd28061e2a4546ea6"
}
}

5
SPECS/helm/helm.spec
View File

@ -1,7 +1,7 @@
%global debug_package %{nil}
Name: helm
Version: 3.13.2
Version: 3.14.0
Release: 1%{?dist}
Summary: The Kubernetes Package Manager
Group: Applications/Networking
@ -55,6 +55,9 @@ install -m 755 ./helm %{buildroot}%{_bindir}
go test -v ./cmd/helm
%changelog
* Fri Jan 19 2024 Muhammad Falak <mwani@microsoft.com> - 3.14.0-1
- Bump version to address CVE-2023-44487
* Thu Nov 30 2023 Sindhu Karri <lakarri@microsoft.com> - 3.13.2-1
- Upgrade to 3.13.2 to fix CVE-2023-2253, CVE-2023-28840, CVE-2022-27664, CVE-2022-41721, CVE-2022-41723, CVE-2023-39325, CVE-2022-32149, GHSA-m425-mq94-257g, CVE-2022-23471, CVE-2023-25153, CVE-2023-25173, GHSA-6xv5-86q9-7xr8, CVE-2023-28841, CVE-2023-28842, GHSA-jq35-85cj-fj4p, CVE-2023-3978, CVE-2023-44487, CVE-2023-44487, CVE-2023-25165
- Remove dependency on golang version <= 1.18.8. Builds with latest golang version 1.20.10

4
cgmanifest.json
View File

@ -5240,8 +5240,8 @@
"type": "other",
"other": {
"name": "helm",
"version": "3.13.2",
"downloadUrl": "https://github.com/helm/helm/archive/v3.13.2.tar.gz"
"version": "3.14.0",
"downloadUrl": "https://github.com/helm/helm/archive/v3.14.0.tar.gz"
}
}
},