From 493dcf0e15ebf2a059fc93618e06a7f654df26c8 Mon Sep 17 00:00:00 2001 From: Michael Zalimeni Date: Fri, 16 Feb 2024 09:45:08 -0500 Subject: [PATCH] Add changelog --- .changelog/3625.txt | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .changelog/3625.txt diff --git a/.changelog/3625.txt b/.changelog/3625.txt new file mode 100644 index 0000000000..d88070d79d --- /dev/null +++ b/.changelog/3625.txt @@ -0,0 +1,19 @@ +```release-note:security +Upgrade `helm/v3` to 3.11.3. This resolves the following security vulnerabilities: +[CVE-2023-25165](https://osv.dev/vulnerability/CVE-2023-25165) +[CVE-2022-23524](https://osv.dev/vulnerability/CVE-2022-23524) +[CVE-2022-23526](https://osv.dev/vulnerability/CVE-2022-23526) +[CVE-2022-23525](https://osv.dev/vulnerability/CVE-2022-23525) +``` +```release-note:security +security: upgrade containerd to 1.7.13 (latest) to resolve [GHSA-7ww5-4wqc-m92c](https://osv.dev/vulnerability/GO-2023-2412). +``` +```release-note:security +Upgrade docker/docker to 25.0.3+incompatible (latest) to resolve [GHSA-jq35-85cj-fj4p](https://osv.dev/vulnerability/GHSA-jq35-85cj-fj4p). +``` +```release-note:security +Upgrade docker/distribution to 2.8.3+incompatible (latest) to resolve [CVE-2023-2253](https://osv.dev/vulnerability/CVE-2023-2253). +``` +```release-note:security +Upgrade filepath-securejoin to 0.2.4 (latest) to resolve [GO-2023-2048](https://osv.dev/vulnerability/GO-2023-2048). +```