SUSE-SU-2026:21952-1 Security update for helm

This update for helm fixes the following issues Security issues: - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265758. - CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled...

GHSA-6PJF-3R9X-M592 Distribution's tag deletion bypasses `storage.delete.enabled` configuration

Summary Tag deletion via the DELETE /v2//manifests/ endpoint bypasses the storage.delete.enabled: false configuration, allowing any API client to remove tags from repositories even when the operator has explicitly disabled deletion. Details When storage.delete.enabled is configured to false,...

CVE-2015-3352

The Jammer module for Drupal is affected by CVE-2015-3352. A CSRF weakness in Jammer 6.x-1.x (before 6.x-1.8) and 7.x-1.x (before 7.x-1.4) lets an attacker cause an administrator to perform actions that delete settings for (1) hidden form elements or (2) status messages via the report administrat...