Overview

File _patchinfo of Package patchinfo.23978

<patchinfo incident="23978">
  <issue tracker="bnc" id="1156646">VUL-0: CVE-2019-18658: helm: commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd</issue>
  <issue tracker="bnc" id="1197728">FTBFS: helm-mirror won't compile on SP4</issue>
  <issue tracker="cve" id="2019-18658"/>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for helm-mirror</summary>
  <description>This update for helm-mirror fixes the following issues:

- Updated to version 0.3.1:
  - CVE-2019-18658: Fixed a potential symbolic link issue in helm that could be
    used to leak sensitive files (bsc#1156646).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places