SUSE-SU-2022:3666-1: Security update for helm (important)

Published: 2022-10-20
Source: lists.opensuse.org

CVSS3: 9.1 High (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: NONE

CVSS2: 6.4 Medium (AV:N/AC:L/Au:N/C:P/I:P/A:N)

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE

An update that fixes two vulnerabilities is now available.

Description:

This update for helm fixes the following issues:

helm was updated to version 3.9.4:

  • CVE-2022-36055: Fixed denial of service through string value parsing
    (bsc#1203054).
  • Updating the certificates used for testing
  • Updating index handling

helm was updated to version 3.9.3:

  • CVE-2022-1996: Updated kube-openapi to fix an issue that could result in
    a CORS protection bypass (bsc#1200528).
  • Fix missing array length check on release

helm was updated to version 3.9.2:

  • Update of the circleci image

helm was updated to version 3.9.1:

helm was updated to version 3.9.0:

  • Added a --quiet flag to helm lint
  • Added a --post-renderer-args flag to support arguments being passed to
    the post renderer
  • Added more checks during the signing process
  • Updated to add Kubernetes 1.24 support

helm was updated to version 3.8.2:

  • Bump oras.land/oras-go from 1.1.0 to 1.1.1
  • Fixing downloader plugin error handling
  • Simplify testdata charts
  • Simplify testdata charts
  • Add tests for multi-level dependencies.
  • Fix value precedence
  • Bumping Kubernetes package versions
  • Updating vcs to latest version
  • Don't modify provided transport
  • Pass http getter as pointer in tests
  • Add docs block
  • Add transport option and tests
  • Reuse http transport
  • Updating Kubernetes libs to 0.23.4 (latest)
  • fix: remove deadcode
  • fix: helm package tests
  • fix: helm package with dependency update for charts with OCI dependencies
  • Fix typo Unset the env var before func return in Unit Test
  • add legal name check
  • maint: fix syntax error in deploy.sh
  • linting issue fixed
  • only apply overwrite if version is canary
  • overwrite flag added to az storage blob upload-batch
  • Avoid querying for OCI tags can explicit version provided in chart
    dependencies
  • Management of bearer tokens for tag listing
  • Updating Kubernetes packages to 1.23.3
  • refactor: use os.ReadDir for lightweight directory reading
  • Add IngressClass to manifests to be (un)installed
  • feat(comp): Shell completion for OCI
  • Fix install memory/goroutine leak

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-3666=1

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-3666=1

  • SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:

    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3666=1

  • SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:

    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3666=1

  • SUSE Linux Enterprise Module for Containers 15-SP4:

    zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3666=1

  • SUSE Linux Enterprise Module for Containers 15-SP3:

    zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3666=1
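
To confirm after patching that the installed helm carries both fixes, the following added example (not part of the SUSE advisory) maps a helm version string to the CVEs from this advisory that remain unfixed in it. The function names and sample version strings are constructed for illustration; the fix versions 3.9.3 and 3.9.4 are the ones stated above, and `sort -V` is assumed to be available.

```shell
#!/bin/sh
# Added example: report which CVEs from SUSE-SU-2022:3666-1 are still
# unfixed in a given helm version. Fix versions come from the advisory text:
#   CVE-2022-1996  -> fixed in helm 3.9.3
#   CVE-2022-36055 -> fixed in helm 3.9.4

# Strip a leading "v" and any "+build" suffix, the form that
# `helm version --short` prints (for example v3.9.4+g<commit>).
normalize() {
    printf '%s\n' "$1" | sed -e 's/^v//' -e 's/+.*$//'
}

# Succeeds when version $1 sorts strictly before version $2.
older_than() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Print the space-separated CVEs not fixed in version $1 (empty if none).
helm_unfixed_cves() {
    v=$(normalize "$1")
    out=""
    older_than "$v" "3.9.3" && out="CVE-2022-1996"
    older_than "$v" "3.9.4" && out="${out:+$out }CVE-2022-36055"
    printf '%s\n' "$out"
}

# Constructed sample inputs; on a real host pass "$(helm version --short)".
for sample in v3.8.2+gabc1234 v3.9.3+gabc1234 v3.9.4+gabc1234; do
    printf '%s -> %s\n' "$sample" "$(helm_unfixed_cves "$sample")"
done
```

An empty result means the version is at or past 3.9.4; any listed CVE means the update from this advisory has not been applied to that binary.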

OS             Version  Architecture  Filename
openSUSE Leap  15.4     aarch64       .aarch64.rpm
openSUSE Leap  15.4     ppc64le       .ppc64le.rpm
openSUSE Leap  15.4     s390x         .s390x.rpm
openSUSE Leap  15.4     x86_64        .x86_64.rpm
openSUSE Leap  15.4     noarch        .noarch.rpm
openSUSE Leap  15.3     aarch64       .aarch64.rpm
openSUSE Leap  15.3     ppc64le       .ppc64le.rpm
openSUSE Leap  15.3     s390x         .s390x.rpm
openSUSE Leap  15.3     x86_64        .x86_64.rpm
openSUSE Leap  15.3     noarch        .noarch.rpm