Helm v3.10.3
v3.10.3
Helm v3.10.3 is a security (patch) release. Users are strongly recommended to update to this release.
While fuzz testing Helm, provided by the CNCF:
- a possible stack overflow was discovered with the strvals package. Stack overflow cannot be recovered from in Go. This can potentially be used to produce a denial of service (DOS) for SDK users. More details are available in the advisory.
- a possible segmentation violation was discovered with the repo package. Some segmentation violations cannot be recovered from in Go. This can potentially be used to produce a denial of service (DOS) for SDK users. More details are available in the advisory.
- a possible segmentation violation was discovered with the chartutil package. This can potentially be used to produce a denial of service (DOS) for SDK users. More details are available in the advisory
The community keeps growing, and we'd love to see you there!
- Join the discussion in Kubernetes Slack:
- for questions and just to hang out
- for discussing PRs, code, and bugs
- Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
- Test, debug, and contribute charts: ArtifactHub/packages
Installation and Upgrading
Download Helm v3.10.3. The common platform binaries are here:
- MacOS amd64 (checksum / 77a94ebd37eab4d14aceaf30a372348917830358430fcd7e09761eed69f08be5)
- MacOS arm64 (checksum / 4f3490654349d6fee8d4055862efdaaf9422eca1ffd2a15393394fd948ae3377)
- Linux amd64 (checksum / 950439759ece902157cf915b209b8d694e6f675eaab5099fb7894f30eeaee9a2)
- Linux arm (checksum / dca718eb68c72c51fc7157c4c2ebc8ce7ac79b95fc9355c5427ded99e913ec4c)
- Linux arm64 (checksum / 260cda5ff2ed5d01dd0fd6e7e09bc80126e00d8bdc55f3269d05129e32f6f99d)
- Linux i386 (checksum / 592e98a492cb782aa7cd67e9afad76e51cd68f5160367600fe542c2d96aa0ad4)
- Linux ppc64le (checksum / 93cdf398abc68e388d1b46d49d8e1197544930ecd3e81cc58d0a87a4579d60ed)
- Linux s390x (checksum / 6cfa0b9078221f980ef400dc40c95eb71be81d14fdf247ca55efedb068e1d4fa)
- Windows amd64 (checksum / 5d97aa26830c1cd6c520815255882f148040587fd7cdddb61ef66e4c081566e0)
This release was signed with F126 1BDE 9290 12C8 FF2E 501D 6EA5 D759 8529 A53E and can be found at @hickeyma keybase account. Please use the attached signatures for verifying this release using gpg.
The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.
What's Next
- 3.11.0 is the next feature release and will be on January 18, 2023.