openSUSE 16 Security Update : helmfile (openSUSE-SU-2025-20097-1)

high Nessus Plugin ID 277011

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20097-1 advisory.

Changes in helmfile:

Update to version 1.1.9:

* feat: update strategy for reinstall by @simbou2000 in #2019
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.7 to 1.89.0 by @dependabot[bot] in #2239
* Fix: Handle empty helmBinary in base files with environment values by @Copilot in #2237

Update to version 1.1.8:

* build(deps): bump github.com/hashicorp/go-getter from 1.8.0 to 1.8.1 by @dependabot[bot] in #2194
* fix typos in both comment and error message by @d-fal in #2199
* cleanup disk in release ci by @yxxhero in #2203
* Migrate AWS SDK from v1 to v2 to resolve deprecation warnings by @Copilot in #2202
* build(deps): bump github.com/helmfile/vals from 0.42.1 to 0.42.2 by @dependabot[bot] in #2200
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.2 to 1.88.3 by @dependabot[bot] in #2206
* Bump Alpine to 3.22 in Dockerfile by @orishamir in #2205
* build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.31.10 to 1.31.12 by @dependabot[bot] in #2207
* Add yq to Dockerfile by @orishamir in #2208
* fix: skip chartify for build command jsonPatches by @sstarcher in #2212
* build(deps): bump github.com/hashicorp/go-getter from 1.8.1 to 1.8.2 by @dependabot[bot] in #2210
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.3 to 1.88.4 by @dependabot[bot] in #2213
* build(deps): bump golang.org/x/term from 0.35.0 to 0.36.0 by @dependabot[bot] in #2214
* Avoid fetching same chart/version multiple times by @Copilot in #2197
* build(deps): bump github.com/helmfile/vals from 0.42.2 to 0.42.4 by @dependabot[bot] in #2217
* docs: add zread badge to README by @yxxhero in #2219
* Bump helm-diff to v3.13.1 by @Copilot in #2223
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.4 to 1.88.5 by @dependabot[bot] in #2226
* build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.31.12 to 1.31.13 by @dependabot[bot] in #2225
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.5 to 1.88.6 by @dependabot[bot] in #2230
* build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.6 to 1.88.7 by @dependabot[bot] in #2232
* build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.31.13 to 1.31.15 by @dependabot[bot] in #2233
* Fix helmBinary and kustomizeBinary being ignored when using bases by @Copilot in #2228

Update to version 1.1.7:

What's Changed

* fix pflag error by @zhaque44 in #2164
* build(deps): bump actions/setup-go from 5 to 6 by @dependabot[bot] in #2166
* build(deps): bump github.com/hashicorp/go-getter from 1.7.9 to 1.7.10 by @dependabot[bot] in #2165
* build(deps): bump github.com/spf13/pflag from 1.0.9 to 1.0.10 by @dependabot[bot] in #2163
* Add helm diff installation to README by @nwneisen in #2170
* build(deps): bump github.com/hashicorp/go-getter from 1.7.10 to 1.8.0 by @dependabot[bot] in #2175
* build(deps): bump golang.org/x/term from 0.34.0 to 0.35.0 by @dependabot[bot] in #2174
* build(deps): bump github.com/zclconf/go-cty from 1.16.4 to 1.17.0 by @dependabot[bot] in #2173
* Fix panic when helm isn't installed by @nwneisen in #2169
* build(deps): bump golang.org/x/sync from 0.16.0 to 0.17.0 by @dependabot[bot] in #2172
* ci: update minikube and kubernetes versions by @yxxhero in #2181
* build(deps): bump k8s.io/apimachinery from 0.34.0 to 0.34.1 by @dependabot[bot] in #2180
* Remove deprecated --wait-retries flag support to fix Helm compatibility error by @Copilot in #2179
* build(deps): bump go.yaml.in/yaml/v2 from 2.4.2 to 2.4.3 by @dependabot[bot] in #2183
* build: update Helm to v3.19.0 across all components by @yxxhero in #2187
* build: update helm-diff plugin to v3.13.0 by @yxxhero in #2189
* feat: Implement caching for pulling OCI charts by @mustdiechik in #2171
* build(deps): bump github.com/helmfile/chartify from 0.24.7 to 0.25.0 by @dependabot[bot] in #2190

Update to version 1.1.6:

What's Changed

* build(deps): bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 by @dependabot[bot] in #2139
* build(deps): bump github.com/zclconf/go-cty from 1.16.3 to 1.16.4 by @dependabot[bot] in #2145
* build: update helm to v3.18.6 by @yxxhero in #2144
* build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @dependabot[bot] in #2150
* Add missing --timeout flag to helmfile sync command with documentation by @Copilot in #2148
* Fix enableDNS flag missing in diff command and refactor duplicate logic by @Copilot in #2147
* build(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1 by @dependabot[bot] in #2151
* build(deps): bump github.com/ulikunitz/xz from 0.5.10 to 0.5.14 by @dependabot[bot] in #2154
* Bump github.com/ulikunitz/xz from v0.5.14 to v0.5.15 by @Copilot in #2159
* build(deps): bump github.com/helmfile/vals from 0.42.0 to 0.42.1 by @dependabot[bot] in #2161
* build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.9 by @dependabot[bot] in #2160
* build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @dependabot[bot] in #2162
* Fix error propagation in helmfile diff when Kubernetes is unreachable by @Copilot in #2149

Update to version 1.1.5:

What's Changed

* build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #2128
* Update recommended Helm versions in init.go and run.sh by @yxxhero in #2129
* Add comprehensive .github/copilot-instructions.md for coding agents by @Copilot in #2131
* refactor(state): extract getMissingFileHandler method for clarity by @yxxhero in #2133
* Fix parseHelmVersion to handle helm versions without 'v' prefix by @Copilot in #2132
* build(deps): bump k8s.io/apimachinery from 0.33.3 to 0.33.4 by @dependabot[bot] in #2136
* build(deps): bump github.com/helmfile/chartify from 0.24.6 to 0.24.7 by @dependabot[bot] in #2135

Update to version 1.1.4:

What's Changed

* build(deps): bump github.com/helmfile/vals from 0.41.2 to 0.41.3 by @dependabot[bot] in #2100
* build(deps): bump k8s.io/apimachinery from 0.33.2 to 0.33.3 by @dependabot[bot] in #2101
* fix: update Helm version to v3.17.4 in CI and init.go by @yxxhero in #2102
* build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 by @dependabot[bot] in #2104
* feat(state): add missingFileHandlerConfig and related logic by @yxxhero in #2105
* refactor(filesystem): add CopyDir method and optimize Fetch function by @yxxhero in #2111
* Allow caching of remote files to be disabled by @jess-sol in #2112
* refactor(yaml): switch yaml library import paths from gopkg.in to go.yaml.in by @yxxhero in #2114
* build(deps): bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #2121
* build(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 by @dependabot[bot] in #2123

Update to version 1.1.3:

What's Changed

* build: update Helm to v3.18.3 and related dependencies by @yxxhero in #2082
* Expose release version as .Release.ChartVersion for templating by @Simske in #2080
* build(deps): bump github.com/helmfile/chartify from 0.24.3 to 0.24.4 by @dependabot[bot] in #2083
* build(deps): bump k8s.io/apimachinery from 0.33.1 to 0.33.2 by @dependabot[bot] in #2086
* build(deps): bump github.com/helmfile/chartify from 0.24.4 to 0.24.5 by @dependabot[bot] in #2087
* build(deps): bump github.com/Masterminds/semver/v3 from 3.3.1 to 3.4.0 by @dependabot[bot] in #2089
* build(deps): bump github.com/hashicorp/hcl/v2 from 2.23.0 to 2.24.0 by @dependabot[bot] in #2092
* build: update Helm and plugin versions to v3.18.4 and v3.12.3 by @yxxhero in #2093
* docs: update status section with May 2025 release information by @yxxhero in #2096
* build(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 by @dependabot[bot] in #2099
* build(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 by @dependabot[bot] in #2098

Update to version 1.1.2:

What's Changed

* build(deps): bump github.com/helmfile/chartify from 0.24.2 to 0.24.3 by @dependabot in #2065
* build: update Helm to v3.18.2 and adjust related configurations by @yxxhero in #2064
* build(deps): bump github.com/helmfile/vals from 0.41.1 to 0.41.2 by @dependabot in #2067
* build(deps): bump golang.org/x/sync from 0.14.0 to 0.15.0 by @dependabot in #2068
* fix-insecure-flag by @anontrex in #2072
* build(deps): bump github.com/cloudflare/circl from 1.4.0 to 1.6.1 by @dependabot in #2074
* fix: update helm-diff to version 3.12.2 in CI and Dockerfiles by @yxxhero in #2073
* fix: TestToYaml not working with 32-bit architectures by @ProbstDJakob in #2075

Update to version 1.1.1:

What's Changed

* Update README.md by @mumoshu in #2046
* build(deps): bump github.com/helmfile/vals from 0.41.0 to 0.41.1 by @dependabot in #2048
* build(helm) update to v3.18.0 by @yxxhero in #2044
* build(deps): bump github.com/helmfile/chartify from 0.23.0 to 0.24.1 by @dependabot in #2049
* build: update Helm and plugin versions in CI and Dockerfiles by @yxxhero in #2059

Update to version 1.1.0:

What's Changed

* chore: fix typo in create_test.go by @sadikkuzu in #2025
* build(deps): bump golangci/golangci-lint-action from 7 to 8 by @dependabot in #2029
* build(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 by @dependabot in #2028
* build(deps): bump github.com/helmfile/chartify from 0.22.0 to 0.23.0 by @dependabot in #2027
* chore: remove test data files by @yxxhero in #2026
* build(deps): bump golang.org/x/term from 0.31.0 to 0.32.0 by @dependabot in #2033
* build(deps): bump github.com/helmfile/vals from 0.40.1 to 0.41.0 by @dependabot in #2032
* build(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 by @dependabot in #2035
* feat(tmpl): enhance ToYaml test with multiple scenarios by @yxxhero in #2031
* [sops, age] update to have SSH key support with sops by @itscaro in #2036
* feat(yaml): add JSON style encoding option to NewEncoder by @yxxhero in #2038
* refactor(yaml): upgrade from gopkg.in/yaml.v2 to v3 by @yxxhero in #2039
* Update readme & documentation with 2025 status of helmfile project by @zhaque44 in #2040
* build(deps): bump k8s.io/apimachinery from 0.33.0 to 0.33.1 by @dependabot in #2041
* build(deps): bump github.com/zclconf/go-cty from 1.16.2 to 1.16.3 by @dependabot in #2043

Update to version 1.0.0:

PLEASE READ https://github.com/helmfile/helmfile/blob/main/docs/proposals/towards-1.0.md

What's Changed:

* build(deps): bump github.com/helmfile/vals from 0.39.0 to 0.39.1 by @dependabot in #1926
* Bump kubectl to current version (1.32.1) by @DerDaku in #1924
* build(deps): bump github.com/goccy/go-yaml from 1.15.21 to 1.15.22 by @dependabot in #1925
* build: update Helm to v3.17.1 and related dependencies by @yxxhero in #1928
* build(deps): bump k8s.io/apimachinery from 0.32.1 to 0.32.2 by @dependabot in #1931
* feat: inject cli state values (--state-values-set) into environment templating context by @Vince-Chenal in #1917
* docs: add skipSchemaValidation to index.md and update related structs by @yxxhero in #1935
* refactor(state): optimize HelmState flags handling by @yxxhero in #1937
* Update vals package to v0.39.2 by @aditmeno in #1938
* build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot in #1940
* build(deps): bump github.com/goccy/go-yaml from 1.15.22 to 1.15.23 by @dependabot in #1941
* build(deps): bump github.com/helmfile/chartify from 0.20.8 to 0.20.9 by @dependabot in #1942
* feat: colorized DELETED by @yurrriq in #1944
* feat(docs): add proposal to remove charts and delete subcommands by @yxxhero in #1936
* build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @dependabot in #1945
* build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 by @dependabot in #1946
* build: update golang version to 1.24 and golangci-lint to v1.64.5 by @yxxhero in #1949
* build(deps): bump github.com/helmfile/vals from 0.39.2 to 0.39.3 by @dependabot in #1951
* build(deps): bump github.com/helmfile/chartify from 0.20.9 to 0.21.0 by @dependabot in #1950
* build(deps): bump golang.org/x/sync from 0.11.0 to 0.12.0 by @dependabot in #1955
* build(deps): bump jinja2 from 3.1.5 to 3.1.6 in /docs by @dependabot in #1956
* Don't warn if this and the needed release set installed: false by @jayme-github in #1958
* build(deps): bump golang.org/x/term from 0.29.0 to 0.30.0 by @dependabot in #1959
* Remove all v0.x references by @yxxhero in #1919
* build(deps): bump k8s.io/apimachinery from 0.32.2 to 0.32.3 by @dependabot in #1960
* build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0 by @dependabot in #1961
* build(deps): bump github.com/helmfile/vals from 0.39.3 to 0.39.4 by @dependabot in #1962
* build: update Helm to v3.17.2 and related dependencies by @yxxhero in #1965
* build: update yaml.v3 dependency and remove colega/go-yaml-yaml by @yxxhero in #1929
* build(deps): bump github.com/containerd/containerd from 1.7.24 to 1.7.27 by @dependabot in #1966
* build(deps): bump github.com/goccy/go-yaml from 1.15.23 to 1.16.0 by @dependabot in #1967
* build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 by @dependabot in #1969
* build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 by @dependabot in #1970
* build(deps): bump golangci/golangci-lint-action from 6 to 7 by @dependabot in #1975
* build(deps): bump github.com/helmfile/vals from 0.39.4 to 0.40.0 by @dependabot in #1978
* build(deps): bump github.com/helmfile/chartify from 0.21.0 to 0.21.1 by @dependabot in #1979
* docs(fix): correct typo in 'tier=fronted' to 'tier=frontend' by @yxxhero in #1980
* feat: add labels for helm release by @yxxhero in #1046
* build(deps): bump github.com/helmfile/vals from 0.40.0 to 0.40.1 by @dependabot in #1981
* build(deps): bump github.com/goccy/go-yaml from 1.16.0 to 1.17.1 by @dependabot in #1982
* fix: Check needs with context and namespace by @aarnq in #1986
* build(deps): bump golang.org/x/sync from 0.12.0 to 0.13.0 by @dependabot in #1991
* build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0 by @dependabot in #1990
* fix(state): enhance error message for missing .gotmpl extension in helmfile v1 by @yxxhero in #1989
* build(deps): bump github.com/helmfile/chartify from 0.21.1 to 0.22.0 by @dependabot in #1996
* build: update Helm plugin versions in CI and Dockerfiles by @yxxhero in #1995
* build: update Helm to v3.17.3 and update related Dockerfiles by @yxxhero in #1993
* build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by @dependabot in #2010
* feat: add helmfile archive configuration in goreleaser by @yxxhero in #2000
* docs: add more complex examples section in README by @yxxhero in #2013
* Feat: setting reuseValues flag in release by @blaskoa in #2004
* build(deps): bump k8s.io/apimachinery from 0.32.3 to 0.32.4 by @dependabot in #2016
* build(deps): bump github.com/aws/aws-sdk-go from 1.55.6 to 1.55.7 by @dependabot in #2015
* chore: support parsing any type with fromYaml by @ProbstDJakob in #2017
* build(deps): bump k8s.io/apimachinery from 0.32.4 to 0.33.0 by @dependabot in #2018
* feat: add --take-ownership flag to helm diff and related config by @yxxhero in #1992

Update to version 0.171.0:

* feat: execute templates against postRendererHooks by @allanger in #1839
* build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by @dependabot in #1897
* build(deps): bump github.com/goccy/go-yaml from 1.15.15 to 1.15.16 by @dependabot in #1901
* build(deps): bump github.com/goccy/go-yaml from 1.15.16 to 1.15.17 by @dependabot in #1905
* Use a regex to match --state-values-set-string arguments by @gllb in #1902
* build(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot in #1911
* Chartify v0.20.8 update by @scodeman in #1908
* cleanup: remove all about v0.x by @yxxhero in #1903
* build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0 by @dependabot in #1913
* chore: update babel to resolve CVEs by @zhaque44 in #1916
* remove deprecated charts.yaml by @yxxhero in #1437
* Revert cleanup: remove all about v0.x by @yxxhero in #1918
* build(deps): bump github.com/goccy/go-yaml from 1.15.17 to 1.15.19 by @dependabot in #1920
* build(deps): bump github.com/goccy/go-yaml from 1.15.19 to 1.15.20 by @dependabot in #1921
* feat: Add support for --wait-retries flag. by @connyay in #1922
* build: update go-yaml to v1.15.21 by @yxxhero in #1923

Update to version 0.170.1:

* build(deps): bump github.com/goccy/go-yaml from 1.15.14 to 1.15.15 by @dependabot in #1882
* build(deps): bump github.com/hashicorp/go-slug from 0.15.0 to 0.16.3 by @dependabot in #1886 (CVE-2025-0377)
* Ensure 'helm repo add' is also not pollute on helmfile template by @baurmatt in #1887
* build(deps): bump github.com/zclconf/go-cty from 1.16.1 to 1.16.2 by @dependabot in #1888
* fix: using correct option for takeOwnership flag by @blaskoa in #1892
* fix typo in docs by @adamab48 in #1889

Update to version 0.170.0:

* build(deps): bump github.com/goccy/go-yaml from 1.15.6 to 1.15.7 by @dependabot in #1818
* build(deps): bump golang.org/x/term from 0.26.0 to 0.27.0 by @dependabot in #1817
* chore(doc): fix the indent of the selector usage sample yaml by @Ladicle in #1819
* feat(state): add support for setString in ReleaseSpec and HelmState by @yxxhero in #1821
* build(deps): bump github.com/goccy/go-yaml from 1.15.7 to 1.15.8 by @dependabot in #1822
* test(state): add TestHelmState_setStringFlags for setStringFlags method by @yxxhero in #1823
* build(deps): bump k8s.io/apimachinery from 0.31.3 to 0.31.4 by @dependabot in #1826
* build(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 by @dependabot in #1828
* build(deps): bump github.com/goccy/go-yaml from 1.15.8 to 1.15.9 by @dependabot in #1831
* build(deps): bump k8s.io/apimachinery from 0.31.4 to 0.32.0 by @dependabot in #1830
* feat: updating sops version to 3.9.2 by @zhaque44 in #1834
* build(deps): bump github.com/goccy/go-yaml from 1.15.9 to 1.15.10 by @dependabot in #1835
* build(deps): bump helm.sh/helm/v3 from 3.16.3 to 3.16.4 by @dependabot in #1836
* build: update Helm version to v3.16.4 in CI and Dockerfiles by @yxxhero in #1837
* build(deps): bump github.com/goccy/go-yaml from 1.15.10 to 1.15.11 by @dependabot in #1838
* build(deps): bump filippo.io/age from 1.2.0 to 1.2.1 by @dependabot in #1840
* build(deps): bump github.com/goccy/go-yaml from 1.15.11 to 1.15.12 by @dependabot in #1843
* build: update helm-diff to v3.9.13 in Dockerfiles and init.go by @yxxhero in #1841
* build(deps): bump github.com/helmfile/chartify from 0.20.4 to 0.20.5 by @dependabot in #1845
* build(deps): bump github.com/goccy/go-yaml from 1.15.12 to 1.15.13 by @dependabot in #1844
* build(deps): bump jinja2 from 3.1.4 to 3.1.5 in /docs by @dependabot in #1846
* CVE-2024-45338: updating golang.org/x/net: to version: v0.33.0 by @zhaque44 in #1849
* build(deps): bump github.com/zclconf/go-cty from 1.15.1 to 1.16.0 by @dependabot in #1851
* build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0 by @dependabot in #1852
* update sops versions to 3.9.3 by @zhaque44 in #1861
* build(deps): bump github.com/hashicorp/go-getter from 1.7.6 to 1.7.7 by @dependabot in #1862
* feat: add --take-ownership flag to apply and sync commands by @yxxhero in #1863
* fix: ensure plain http is supported across all helmfile commands by @purpleclay in #1858
* fix: ensure development versions of charts can be used across helmfile commands by @purpleclay in #1865
* build(deps): bump github.com/helmfile/chartify from 0.20.5 to 0.20.6 by @dependabot in #1866
* update kubectl version (1.30) to stay up to date with new releases by @zhaque44 in #1867
* build(deps): bump github.com/zclconf/go-cty from 1.16.0 to 1.16.1 by @dependabot in #1870
* build(deps): bump github.com/hashicorp/go-getter from 1.7.7 to 1.7.8 by @dependabot in #1869
* feat: Add --no-hooks to helmfile template by @jwlai in #1813
* update helm and k8s versions in ci, dockerfiles, and go.mod by @yxxhero in #1872
* build(deps): bump github.com/helmfile/vals from 0.38.0 to 0.39.0 by @dependabot in #1876
* build(deps): bump k8s.io/apimachinery from 0.32.0 to 0.32.1 by @dependabot in #1873
* build(deps): bump github.com/goccy/go-yaml from 1.15.13 to 1.15.14 by @dependabot in #1874
* build: update helm-diff to v3.9.14 in Dockerfiles and init.go by @yxxhero in #1877

Update to version 0.169.2:

* build(deps): bump github.com/helmfile/vals from 0.37.6 to 0.37.7 by @dependabot in #1747
* build(deps): bump k8s.io/apimachinery from 0.31.1 to 0.31.2 by @dependabot in #1754
* Reset extra args before running 'dependency build' by @baurmatt in #1751
* Introducing Helmfile Guru on Gurubase.io by @kursataktas in #1748
* feat: add skip json schema validation during the install /upgrade of a Chart by @zhaque44 in #1737
* fix(maputil): prevent nil value overwrite by @ban11111 in #1755
* build(deps): bump github.com/goccy/go-yaml from 1.12.0 to 1.13.0 by @dependabot in #1759
* fix: this url doesn't work anymore by @zekena2 in #1760
* build(deps): bump github.com/goccy/go-yaml from 1.13.0 to 1.13.1 by @dependabot in #1762
* build(deps): bump github.com/goccy/go-yaml from 1.13.1 to 1.13.2 by @dependabot in #1763
* build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #1767
* build(deps): bump github.com/helmfile/vals from 0.37.7 to 0.37.8 by @dependabot in #1764
* build(deps): bump github.com/goccy/go-yaml from 1.13.2 to 1.13.4 by @dependabot in #1765
* fix(integration-tests): read correct minikube status (#1768) by @ceriath in #1769
* build(deps): bump github.com/goccy/go-yaml from 1.13.4 to 1.13.5 by @dependabot in #1770
* Add integration tests for #1749 by @baurmatt in #1766
* fix: update acme chart URL in input.yaml by @yxxhero in #1773
* build(deps): bump github.com/goccy/go-yaml from 1.13.5 to 1.13.6 by @dependabot in #1771
* build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0 by @dependabot in #1775
* build(deps): bump golang.org/x/term from 0.25.0 to 0.26.0 by @dependabot in #1774
* Revive dead badge links by @eggplants in #1776
* feat: refactor label creation in state.go by @yxxhero in #1758
* docs: Add Gurubase badge to README-zh_CN by @yxxhero in #1777
* build(deps): bump github.com/goccy/go-yaml from 1.13.6 to 1.13.9 by @dependabot in #1781
* build(deps): bump github.com/goccy/go-yaml from 1.13.9 to 1.14.0 by @dependabot in #1782
* build(deps): bump github.com/goccy/go-yaml from 1.14.0 to 1.14.3 by @dependabot in #1788
* build(deps): bump helm.sh/helm/v3 from 3.16.2 to 3.16.3 by @dependabot in #1786
* fix: update helm-diff to version 3.9.12 in CI and Dockerfiles by @yxxhero in #1792
* build: update Helm version to v3.16.3 in CI and Dockerfiles by @yxxhero in #1791
* feat: add HELMFILE_INTERACTIVE env var to enable interactive mode by @thevops in #1787
* build(deps): bump github.com/hashicorp/hcl/v2 from 2.22.0 to 2.23.0 by @dependabot in #1793
* build(deps): bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 by @dependabot in #1795
* chore: update with testify/assert assertion and table driven tests for fs.go by @zhaque44 in #1794
* build(deps): bump k8s.io/apimachinery from 0.31.2 to 0.31.3 by @dependabot in #1798
* build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @dependabot in #1800
* build(deps): bump github.com/goccy/go-yaml from 1.14.3 to 1.15.0 by @dependabot in #1804
* build(deps): bump github.com/goccy/go-yaml from 1.15.0 to 1.15.1 by @dependabot in #1807
* build(deps): bump github.com/zclconf/go-cty from 1.15.0 to 1.15.1 by @dependabot in #1806
* update example chart URL in remote-secrets doc by @daveneeley in #1809
* build(deps): bump github.com/goccy/go-yaml from 1.15.1 to 1.15.3 by @dependabot in #1811
* build(deps): bump github.com/goccy/go-yaml from 1.15.3 to 1.15.6 by @dependabot in #1812
* fix: inject global values in Chartify by @xabufr in #1805
* build(deps): bump github.com/helmfile/vals from 0.37.8 to 0.38.0 by @dependabot in #1814
* build(deps): bump github.com/helmfile/chartify from 0.20.3 to 0.20.4 by @dependabot in #1815
* build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0 by @dependabot in #1816

Update to version 0.169.1:

* feat: update sops version to 3.9.1 by @zhaque44 in #1742
* chore: improve test assertions and descriptions for file download test by @zhaque44 in #1745
* feat: add 'hide-notes' flag to helm in sync and apply commands by @yxxhero in #1746

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected helmfile, helmfile-bash-completion, helmfile-fish-completion and / or helmfile-zsh-completion packages.

See Also

https://www.suse.com/security/cve/CVE-2024-45338

https://www.suse.com/security/cve/CVE-2025-0377

Plugin Details

Severity: High

ID: 277011

File Name: openSUSE-2025-20097-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 12/2/2025

Updated: 12/2/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2025-0377

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 6.6

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-45338

Vulnerability Information

CPE: cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:helmfile-bash-completion, p-cpe:/a:novell:opensuse:helmfile-zsh-completion, p-cpe:/a:novell:opensuse:helmfile-fish-completion, p-cpe:/a:novell:opensuse:helmfile

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/26/2025

Vulnerability Publication Date: 12/18/2024

Reference Information

CVE: CVE-2024-45338, CVE-2025-0377