From 949d6061c8bdfdaba19cc6644af680f50ace1730 Mon Sep 17 00:00:00 2001 From: TrueCharts Bot Date: Sat, 14 Mar 2026 03:13:39 +0100 Subject: [PATCH] =?UTF-8?q?fix(sftpgo):=20update=20image=20ghcr.io/drakkan?= =?UTF-8?q?/sftpgo=20v2.7.0=20=E2=86=92=20v2.7.1=20(#46030)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/drakkan/sftpgo](https://redirect.github.com/drakkan/sftpgo) | patch | `f31c63e` → `036a669` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes
drakkan/sftpgo (ghcr.io/drakkan/sftpgo) ### [`v2.7.1`](https://redirect.github.com/drakkan/sftpgo/releases/tag/v2.7.1) [Compare Source](https://redirect.github.com/drakkan/sftpgo/compare/v2.7.0...v2.7.1) ##### New features - SFTPD: Added support for [OpenPubkey SSH](https://redirect.github.com/openpubkey/opkssh), enabling tighter integration between OpenID Connect and SFTP. ##### Bug fixes - Enforced password validation rules also when applied through a group. - Fixed an issue where JSON dumps containing command actions failed to load correctly at startup when loaded as initial data. - Data Provider: Fixed lock handling issues during migrations that could affect MySQL when migrations are executed concurrently by multiple instances. ##### Security fixes - Fixed a potential path traversal and permission bypass involving specially crafted paths. [CVE-2026-30914](https://redirect.github.com/drakkan/sftpgo/security/advisories/GHSA-m83q-5wr4-4gfp). - Fixed placeholder sanitization in group home directories and key prefixes. [CVE-2026-30915](https://redirect.github.com/drakkan/sftpgo/security/advisories/GHSA-m83q-5wr4-4gfp). ##### Backward incompatible changes - Unified path handling: Prior to this release, the backslash character (`\`) was treated differently depending on the host operating system: on Linux, it was considered a standard character within a file or directory name, while on Windows, it acted as a path separator. We have now unified path handling across all platforms. Moving forward, both forward slashes (`/`) and backslashes (`\`) are strictly evaluated as path separators, independently of the underlying OS.
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). --- charts/stable/sftpgo/Chart.yaml | 4 ++-- charts/stable/sftpgo/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/stable/sftpgo/Chart.yaml b/charts/stable/sftpgo/Chart.yaml index ddd6bb20bcc..657ae66d67f 100644 --- a/charts/stable/sftpgo/Chart.yaml +++ b/charts/stable/sftpgo/Chart.yaml @@ -14,7 +14,7 @@ annotations: trueforge.org/min_helm_version: "3.14" trueforge.org/train: stable apiVersion: v2 -appVersion: 2.7.0 +appVersion: 2.7.1 dependencies: - name: common version: 28.33.4 @@ -41,5 +41,5 @@ sources: - https://github.com/drakkan/sftpgo - https://github.com/trueforge-org/truecharts/tree/master/charts/stable/sftpgo type: application -version: 9.18.2 +version: 9.18.3 diff --git a/charts/stable/sftpgo/values.yaml b/charts/stable/sftpgo/values.yaml index 59e7cd06bcb..0de92f88b36 100644 --- a/charts/stable/sftpgo/values.yaml +++ b/charts/stable/sftpgo/values.yaml @@ -2,7 +2,7 @@ image: pullPolicy: IfNotPresent repository: ghcr.io/drakkan/sftpgo - tag: v2.7.0-plugins@sha256:f31c63ecbb1633126010d0fc16d60cab0621a6e586ef3e7cabc4cc43990abf01 + tag: v2.7.1-plugins@sha256:036a6695a13e227300f2728ee98d62f5ad18d78495173bca1a1450278f1f783f securityContext: container: runAsNonRoot: false