This release keeps dependencies and maintenance posture current for teams operating this tool.
✓ No known CVEs patched in this version
Topics
Summary
AI summaryMinor fixes and improvements.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Medium |
Images verified for provenance (SLSA level 3) via security documentation. Images verified for provenance (SLSA level 3) via security documentation. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high |
— |
| Dependency | Medium |
Container images built on GitHub hosted runners and signed with cosign and GitHub OIDC. Container images built on GitHub hosted runners and signed with cosign and GitHub OIDC. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low |
— |
| Dependency | Low |
Container images support architectures linux/amd64, linux/arm64, and linux/arm/v7. Container images support architectures linux/amd64, linux/arm64, and linux/arm/v7. Source: granite4.1:30b@2026-05-20-audit Confidence: low |
— |
Full changelog
Changelog
Container images
docker.io/fluxcd/image-automation-controller:v1.1.4ghcr.io/fluxcd/image-automation-controller:v1.1.4
Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.
The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the security documentation.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About image-automation-controller
GitOps Toolkit controller that patches container image tags in Git
Related context
Related tools
Beta — feedback welcome: [email protected]