Helm - v3.9.4

Security

Helm v3.9.4 is a security (patch) release. Users are strongly recommended to update to this release.

While fuzz testing Helm, provided by the CNCF, a possible out of memory panic was discovered with the strvals package. Out of memory panics cannot be recovered from in Go. This can potentially be used to produce a denial of service (DOS). More details are available in the advisory.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.9.4. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.10.0 is the next feature release and will be on September 14, 2022

Security

Security wording was detected, but no CVEs were found.

Details

date
Aug. 24, 2022, 8 p.m.
name
Helm 3.9.4
type
Patch
official page
https://github.com/helm/helm/releases/tag/v3.9.4
👇
Register or login to:
  • 🔍View and search all Helm releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google
or