Skip to content

apko

v1.2.12 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 23d Build & Package
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

containers docker

ReleasePort's take

Light signal
editorial:auto 13d

The v1.2.12 release hardens CI against template injection and credential exposure.

Why it matters: Patch to v1.2.12 immediately to mitigate the identified CI security risks.

Summary

AI summary

Fixed CI template injection vulnerability and prevented credential exposure.

Changes in this release

Security Medium

Hardens CI against template injection and credential exposure

Hardens CI against template injection and credential exposure

Source: llm_adapter@2026-05-21

Confidence: low
Full changelog

Changelog

  • b7931baa8cd8aa1718dcea63208eacebb27148d9 build(deps): bump chainguard-dev/actions from 1.6.17 to 1.6.19 (#2219)
  • 34a75306b40ee67508c6ce6ee34e447dd1454fec fix(ci): harden against template injection and credential exposure (#2217)

Security Fixes

  • Harden against template injection and credential exposure in CI pipelines
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track apko

Get notified when new releases ship.

Sign up free

About apko

Build OCI images from APK packages directly without Dockerfile

All releases →

Related context

Beta — feedback welcome: [email protected]