From ede2f1a00447f9d4cb9028db3497ff361b6139c2 Mon Sep 17 00:00:00 2001
From: Vasil Sudakov <vasil.sudakov@octopus.com>
Date: Thu, 18 Jun 2026 14:23:29 +0400
Subject: [PATCH] fix: various security vulnerabilities

---
 charts/codefresh/values.yaml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/charts/codefresh/values.yaml b/charts/codefresh/values.yaml
index 3f3466b60..b377f4280 100644
--- a/charts/codefresh/values.yaml
+++ b/charts/codefresh/values.yaml
@@ -14,7 +14,7 @@ gencerts:
   image:
     registry: us-docker.pkg.dev/codefresh-inc/public-gcr-io
     repository: codefresh/kubectl
-    tag: 1.35.4
+    tag: 1.35.5
   rbac:
     enabled: true
   ttlSecondsAfterFinished: 300
@@ -492,7 +492,7 @@ hooks:
     image:
       registry: us-docker.pkg.dev/codefresh-inc/public-gcr-io
       repository: codefresh/kubectl
-      tag: 1.35.4
+      tag: 1.35.5
     affinity: {}
     nodeSelector: {}
     podSecurityContext: {}
@@ -534,13 +534,13 @@ postgresqlCleanJob:
 # -- runtimeImages
 # @default -- See below
 runtimeImages:
-  COMPOSE_IMAGE: quay.io/codefresh/compose:v5.1.4-1.6.5@sha256:4e92b2a8b9c6ff38dfae4245849a88ea27e74e5c7cd4b6a5a089d29dbb832b94
+  COMPOSE_IMAGE: quay.io/codefresh/compose:v5.1.4-1.6.6@sha256:62085a63c8452b1d3208c002051e89685499ff8372524b9ffaca4a3ef9b534c0
   CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:2.0.17@sha256:abef98caa641c974c59862307568d3436ab7d2ceb858a5d1c5e86b0764dc19eb
-  DIND_IMAGE: quay.io/codefresh/dind:29.5.2-3.0.16@sha256:b3966b621e9d3dcfbbc31b7ae3ba32327f5a0dc3fb0ea082449567ba5ed3502a
-  DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.6.1@sha256:817ebca78533e0bc3fd35e8c4498979fdd2f5435616ef0f2d495b94f8873563a
+  DIND_IMAGE: quay.io/codefresh/dind:29.5.3-3.0.17@sha256:a12a681c80cb619d5ea557f5873401eecae742bf108833cc8c69feabf8668e0f
+  DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.6.2@sha256:c50dc2797b7795314dfe1102494b3c474a5d463ed276a05b7ebfd4419451be45
   DOCKER_PULLER_IMAGE: quay.io/codefresh/cf-docker-puller:8.0.28@sha256:332cbc021029c1e8dccd7e90ce47832a2066b67ed4fc4c94e072b267ab44d72b
   DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.27@sha256:c31fb1facbccbcc4f48b669f168acc96cd695dfbabb5dea7b95af24a4b29aef2
-  ENGINE_IMAGE: quay.io/codefresh/engine:3.2.11@sha256:2d4d9f74b41a66c770569eeb320abf041d226007ae749848de6c97a450618aab
+  ENGINE_IMAGE: quay.io/codefresh/engine:3.2.14@sha256:739ee01e0aa22270c9f6a0f3cca733548b6be5a158fcfa3c4de1227dc696cfcc
   FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.13@sha256:1f7ab2fddb3b8bb4153046261367e296c6c9ac3b224f48cd2028371a9f0e2bcf
   GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.3.12@sha256:b820e97c9f40ee6dd6616168deeb90d6b2e969a9c0cd13ce4843692d8676676c
   KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:18.0.1@sha256:b48c83479464e7d5b1fc0e46c7a310557823b5908f0024a5146086ab40e33706
@@ -1316,7 +1316,7 @@ builder:
     image:
       registry: quay.io
       repository: codefresh/dind
-      tag: 29.5.2-3.0.16
+      tag: 29.5.3-3.0.17
   affinity: {}
   nodeSelector: {}
   podSecurityContext: {}