Overview

File _patchinfo of Package patchinfo.27250

<patchinfo incident="27250">
  <issue tracker="bnc" id="1206469">VUL-0: CVE-2022-23525: helm,helm3: Denial of service through through repository index file</issue>
  <issue tracker="bnc" id="1181419">VUL-0: CVE-2021-21272: oras: zip-slip vulnerability</issue>
  <issue tracker="bnc" id="1206471">VUL-0: CVE-2022-23526: helm,helm3: Denial of service through schema file</issue>
  <issue tracker="bnc" id="1206467">VUL-0: CVE-2022-23524: helm3,helm: Denial of service through string value parsing</issue>
  <issue tracker="cve" id="2022-23526"/>
  <issue tracker="cve" id="2022-1996"/>
  <issue tracker="cve" id="2022-23524"/>
  <issue tracker="cve" id="2022-23525"/>
  <issue tracker="cve" id="2021-21272"/>
  <packager>dirkmueller</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for helm</summary>
  <description>This update for helm fixes the following issues:

Update to version 3.10.3:

- CVE-2022-23524: Fixed a denial of service in the string value parsing (bsc#1206467).
- CVE-2022-23525: Fixed a denial of service with the repository index file (bsc#1206469).
- CVE-2022-23526: Fixed a denial of service in the schema file handling (bsc#1206471).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places