[SUSE-SU-2022:0751-1] Security Beta update for SUSE Manager Client Tools
Severity
Moderate
CVEs
12
Security Beta update for SUSE Manager Client Tools
This security update fixes the following issues:
golang-github-prometheus-prometheus:
- Upgrade to upstream version 2.32.1 (jsc#SLE-22863)
- Bugfixes:
- Scrape: Fix reporting metrics when sample limit is reached during the report. #9996
- Scrape: Ensure that scrape interval and scrape timeout are always set. #10023
- TSDB: Expose and fix bug in iterators' Seek() method. #10030
- Upgrade to upstream version 2.32.0
- Change:
- remote-write: Change default max retry time from 100ms to 5 seconds. #9634
- Features:
- Agent: New mode of operation optimized for remote-write only scenarios, without local storage.
- Promtool: Add promtool check service-discovery command. #8970
- Enhancements:
- Promtool: Improve test output. #8064
- Promtool: Use kahan summation for better numerical stability.
- Remote-write: Reuse memory for marshalling. #9412
- Scrape: Add scrape_body_size_bytes scrape metric behind the --enable-feature=extra-scrape-metrics flag. #9569
- TSDB: Add windows arm64 support. #9703
- TSDB: Optimize query by skipping unneeded sorting in TSDB.
- Templates: Support int and uint as datatypes for template formatting. #9680
- UI: Prefer rate over rad, delta over deg, and count over cos in autocomplete. #9688
- TSDB: Add more size checks when writing individual sections in the index. #9710
- PromQL: Make deriv() return zero values for constant series.
- TSDB: Fix panic when checkpoint directory is empty. #9687
- TSDB: Fix panic, out of order chunks, and race warning during WAL replay. #9856
- UI: Correctly render links for targets with IPv6 addresses that contain a Zone ID. #9853
- Promtool: Fix checking of authorization.credentials_file and bearer_token_file fields. #9883
- Uyuni SD: Fix null pointer exception during initialization.
- TSDB: Fix queries after a failed snapshot replay. #9980
- Upgrade to upstream version 2.31.1
- Bugfix:
- SD: Fix a panic when the experimental discovery manager receives targets during a reload. #9656
- Upgrade to upstream version 2.31.0
- UI: Remove standard PromQL editor in favour of the codemirror-based editor. #9452
- PromQL: Add trigonometric functions and atan2 binary operator. #9239 #9248 #9515
- Remote: Add support for exemplar in the remote write receiver endpoint. #9319 #9414
- SD: Add PuppetDB service discovery. #8883
- SD: Add Uyuni service discovery. #8190
- Web: Add support for security-related HTTP headers. #9546
- Azure SD: Add proxy_url, follow_redirects, tls_config. #9267
- Backfill: Add --max-block-duration in promtool create-blocks-from rules. #9511
- Config: Print human-readable sizes with unit instead of raw numbers. #9361
- HTTP: Re-enable HTTP/2. #9398
- Kubernetes SD: Warn user if number of endpoints exceeds limit. #9467
- OAuth2: Add TLS configuration to token requests. #9550
- PromQL: Several optimizations. #9365 #9360 #9362 #9552
- PromQL: Make aggregations deterministic in instant queries.
- Rules: Add the ability to limit number of alerts or series.
- SD: Experimental discovery manager to avoid restarts upon reload.
- UI: Debounce timerange setting changes. #9359
- Backfill: Apply rule labels after query labels. #9421
- Scrape: Resolve conflicts between multiple exported label prefixes. #9479 #9518
- Scrape: Restart scrape loops when scrape_interval is changed. #9551
- TSDB: Fix memory leak in samples deletion. #9151
- UI: Use consistent margin-bottom for all alert kinds. #9318
- Upgrade to upstream version 2.30.3
- TSDB: Fix panic on failed snapshot replay. #9438
- TSDB: Don't fail snapshot replay with exemplar storage disabled when the snapshot contains exemplars. #9438
- Upgrade to upstream version 2.30.2
- TSDB: Don't error on overlapping m-mapped chunks during WAL replay. #9381
- Upgrade to upstream version 2.30.1
- Remote Write: Redact remote write URL when used for metric label. #9383
- UI: Redact remote write URL and proxy URL passwords in the /config page. #9408
- promtool rules backfill: Prevent creation of data before the start time. #9339
- promtool rules backfill: Do not query after the end time.
- Azure SD: Fix panic when no computername is set. #9387
- Upgrade to upstream version 2.30.0
- experimental TSDB: Snapshot in-memory chunks on shutdown for faster restarts. #7229
- experimental Scrape: Configure scrape interval and scrape timeout via relabeling using scrape_interval and scrape_timeout labels respectively. #8911
- Scrape: Add scrape_timeout_seconds and scrape_sample_limit metric. #9247 #9295
- Scrape: Add --scrape.timestamp-tolerance flag to adjust scrape timestamp tolerance when enabled via --scrape.adjust-timestamps. #9283
- Remote Write: Improve throughput when sending exemplars.
- TSDB: Optimise WAL loading by removing extra map and caching min-time #9160
- promtool: Speed up checking for duplicate rules. #9262/#9306
- Scrape: Reduce allocations when parsing the metrics. #9299
- docker_sd: Support host network mode #9125
- Exemplars: Fix panic when resizing exemplar storage from 0 to a non-zero size. #9286
- TSDB: Correctly decrement prometheus_tsdb_head_active_appenders when the append has no samples. #9230
- promtool rules backfill: Return 1 if backfill was unsuccessful. #9303
- promtool rules backfill: Avoid creation of overlapping blocks. #9324
- config: Fix a panic when reloading configuration with a null relabel action. #9224
- Upgrade to upstream version 2.29.2
- Fix Kubernetes SD failing to discover Ingress in Kubernetes v1.22. #9205
- Fix data race in loading write-ahead-log (WAL). #9259
- Upgrade to upstream version 2.29.1
- TSDB: align atomically accessed int64 to prevent panic in 32-bit archs. #9192
- Upgrade to upstream version 2.29.0
- Changes:
- Promote --storage.tsdb.allow-overlapping-blocks flag to stable. #9117
- Promote --storage.tsdb.retention.size flag to stable. #9004
- Add Kuma service discovery. #8844
- Add present_over_time PromQL function. #9097
- Allow configuring exemplar storage via file and make it reloadable. #8974
- UI: Allow selecting time range with mouse drag. #8977
- promtool: Add feature flags flag --enable-feature. #8958
- promtool: Add file_sd file validation. #8950
- Reduce blocking of outgoing remote write requests from series garbage collection. #9109
- Improve write-ahead-log decoding performance. #9106
- Improve append performance in TSDB by reducing mutexes usage.
- Allow configuring max_samples_per_send for remote write metadata. #8959
- Add __meta_gce_interface_ipv4_<name> meta label to GCE discovery. #8978
- Add __meta_ec2_availability_zone_id meta label to EC2 discovery. #8896
- Add __meta_azure_machine_computer_name meta label to Azure discovery. #9112
- Add __meta_hetzner_hcloud_labelpresent_<labelname> meta label to Hetzner discovery. #9028
- promtool: Add compaction efficiency to promtool tsdb analyze reports. #8940
- promtool: Allow configuring max block duration for backfilling via --max-block-duration flag. #8919
- UI: Add sorting and filtering to flags page. #8988
- UI: Improve alerts page rendering performance. #9005
- Log when total symbol size exceeds 232 bytes, causing compaction to fail, and skip compaction. #9104
- Fix incorrect target_limit reloading of zero value. #9120
- Fix head GC and pending readers race condition. #9081
- Fix timestamp handling in OpenMetrics parser. #9008
- Fix potential duplicate metrics in /federate endpoint when specifying multiple matchers. #8885
- Fix server configuration and validation for authentication via client cert. #9123
- Allow start and end again as label names in PromQL queries. They were disallowed since the introduction of @ timestamp feature. #9119
- Upgrade to upstream version 2.28.1
- HTTP SD: Allow charset specification in Content-Type header.
- HTTP SD: Fix handling of disappeared target groups. #9019
- Fix incorrect log-level handling after moving to go-kit/log.
- Upgrade to upstream version 2.28.0
- UI: Make the new experimental PromQL editor the default.
- Linode SD: Add Linode service discovery. #8846
- HTTP SD: Add generic HTTP-based service discovery. #8839
- Kubernetes SD: Allow configuring API Server access via a kubeconfig file. #8811
- UI: Add exemplar display support to the graphing interface.
- Consul SD: Add namespace support for Consul Enterprise. #8900
- Promtool: Allow silencing output when importing / backfilling data. #8917
- Consul SD: Support reading tokens from file. #8926
- Rules: Add a new .ExternalURL alert field templating variable, containing the external URL of the Prometheus server. #8878
- Scrape: Add experimental body_size_limit scrape configuration setting to limit the allowed response body size for target scrapes. #8833 #8886
- Kubernetes SD: Add ingress class name label for ingress discovery. #8916
- UI: Show a startup screen with progress bar when the TSDB is not ready yet. #8662 #8908 #8909 #8946
- SD: Add a target creation failure counter prometheus_target_sync_failed_total and improve target creation failure handling. #8786
- TSDB: Improve validation of exemplar label set length. #8816
- TSDB: Add a prometheus_tsdb_clean_start metric that indicates whether a TSDB lockfile from a previous run still existed upon startup. #8824
- UI: In the experimental PromQL editor, fix autocompletion and parsing for special float values and improve series metadata fetching. #8856
- TSDB: When merging chunks, split resulting chunks if they would contain more than the maximum of 120 samples. #8582
- SD: Fix the computation of the prometheus_sd_discovered_targets metric when using multiple service discoveries. #8828
- Added hardening to systemd service(s) (bsc#1181400). Modified:
grafana:
- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)
- Security:
- Fixes XSS vulnerability in handling data sources (bsc#1195726, CVE-2022-21702)
- Fixes cross-origin request forgery vulnerability (bsc#1195727, CVE-2022-21703)
- Fixes Insecure Direct Object Reference vulnerability in Teams API (bsc#1195728, CVE-2022-21713)
- Update to Go 1.17.
- Update license to GNU Affero General Public License v3.0.
- Update to version 8.3.4
- GetUserInfo: return an error if no user was found (bsc#1194873, CVE-2022-21673)
- Features and enhancements:
- Alerting: Allow configuration of non-ready alertmanagers.
- Alerting: Allow customization of Google chat message.
- AppPlugins: Support app plugins with only default nav.
- InfluxDB: query editor: skip fields in metadata queries.
- Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels query in grafana.
- Prometheus: Forward oauth tokens after prometheus datasource migration.
- Bug fixes:
- Azure Monitor: Bug fix for variable interpolations in metrics dropdowns.
- Azure Monitor: Improved error messages for variable queries.
- CloudMonitoring: Fixes broken variable queries that use group bys.
- Configuration: You can now see your expired API keys if you have no active ones.
- Elasticsearch: Fix handling multiple datalinks for a single field.
- Export: Fix error being thrown when exporting dashboards using query variables that reference the default datasource.
- ImportDashboard: Fixes issue with importing dashboard and name ending up in uid.
- Login: Page no longer overflows on mobile.
- Plugins: Set backend metadata property for core plugins.
- Prometheus: Fill missing steps with null values.
- Prometheus: Fix interpolation of $__rate_interval variable.
- Prometheus: Interpolate variables with curly brackets syntax.
- Prometheus: Respect the http-method data source setting.
- Table: Fixes issue with field config applied to wrong fields when hiding columns.
- Toolkit: Fix bug with rootUrls not being properly parsed when signing a private plugin.
- Variables: Fix so data source variables are added to adhoc configuration.
- Plugin development fixes & changes:
- Toolkit: Revert build config so tslib is bundled with plugins to prevent plugins from crashing.
- Update to version 8.3.3:
- BarChart: Use new data error view component to show actions in panel edit.
- CloudMonitor: Iterate over pageToken for resources.
- Macaron: Prevent WriteHeader invalid HTTP status code panic.
- AnnoListPanel: Fix interpolation of variables in tags.
- CloudWatch: Allow queries to have no dimensions specified.
- CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5 to 8.3.0.
- CloudWatch: Make sure MatchExact flag gets the right value.
- Dashboards: Fix so that empty folders can be deleted from the manage dashboards/folders page.
- InfluxDB: Improve handling of metadata query errors in InfluxQL.
- Loki: Fix adding of ad hoc filters for queries with parser and line_format expressions.
- Prometheus: Fix running of exemplar queries for non-histogram metrics.
- Prometheus: Interpolate template variables in interval.
- StateTimeline: Fix toolitp not showing when for frames with multiple fields.
- TraceView: Fix virtualized scrolling when trace view is opened in right pane in Explore.
- Variables: Fix repeating panels for on time range changed variables.
- Variables: Fix so queryparam option works for scoped
- Update to version 8.3.2
- Security: Fixes CVE-2021-43813 and CVE-2021-43815.
- Update to version 8.3.1
- Security: Fixes CVE-2021-43798.
- Update to version 8.3.0
- Alerting: Prevent folders from being deleted when they contain alerts.
- Alerting: Show full preview value in tooltip.
- BarGauge: Limit title width when name is really long.
- CloudMonitoring: Avoid to escape regexps in filters.
- CloudWatch: Add support for AWS Metric Insights.
- TooltipPlugin: Remove other panels' shared tooltip in edit panel.
- Visualizations: Limit y label width to 40% of visualization width.
- Alerting: Clear alerting rule evaluation errors after intermittent failures.
- Alerting: Fix refresh on legacy Alert List panel.
- Dashboard: Fix queries for panels with non-integer widths.
- Explore: Fix url update inconsistency.
- Prometheus: Fix range variables interpolation for time ranges smaller than 1 second.
- ValueMappings: Fixes issue with regex value mapping that only sets color.
- Update to version 8.3.0-beta2
- Breaking changes:
- Grafana 8 Alerting enabled by default for installations that do not use legacy alerting.
- Keep Last State for 'If execution error or timeout' when upgrading to Grafana 8 alerting.
- Alerting: Create DatasourceError alert if evaluation returns error.
- Alerting: Make Unified Alerting enabled by default for those who do not use legacy alerting.
- Alerting: Support mute timings configuration through the api for the embedded alert manager.
- CloudWatch: Add missing AWS/Events metrics.
- Docs: Add easier to find deprecation notices to certain data sources and to the changelog.
- Plugins Catalog: Enable install controls based on the pluginAdminEnabled flag.
- Table: Add space between values for the DefaultCell and JSONViewCell.
- Tracing: Make query editors available in dashboard for Tempo and Zipkin.
- AccessControl: Renamed orgs roles, removed fixed:orgs:reader introduced in beta1.
- Azure Monitor: Add trap focus for modals in grafana/ui and other small a11y fixes for Azure Monitor.
- CodeEditor: Prevent suggestions from being clipped.
- Dashboard: Fix cache timeout persistence.
- Datasource: Fix stable sort order of query responses.
- Explore: Fix error in query history when removing last item.
- Logs: Fix requesting of older logs when flipped order.
- Prometheus: Fix running of health check query based on access mode.
- TextPanel: Fix suggestions for existing panels.
- Tracing: Fix incorrect indentations due to reoccurring spanIDs.
- Tracing: Show start time of trace with milliseconds precision.
- Variables: Make renamed or missing variable section expandable.
- Select: Select menus now properly scroll during keyboard navigation.
- Update to version 8.3.0-beta1
- Alerting: Add UI for contact point testing with custom annotations and labels.
- Alerting: Make alert state indicator in panel header work with Grafana 8 alerts.
- Alerting: Option for Discord notifier to use webhook name.
- Annotations: Deprecate AnnotationsSrv.
- Auth: Omit all base64 paddings in JWT tokens for the JWT auth.
- Azure Monitor: Clean up fields when editing Metrics.
- AzureMonitor: Add new starter dashboards.
- AzureMonitor: Add starter dashboard for app monitoring with Application Insights.
- Barchart/Time series: Allow x axis label.
- CLI: Improve error handling for installing plugins.
- CloudMonitoring: Migrate to use backend plugin SDK contracts.
- CloudWatch Logs: Add retry strategy for hitting max concurrent queries.
- CloudWatch: Add AWS RoboMaker metrics and dimension.
- CloudWatch: Add AWS Transfer metrics and dimension.
- Dashboard: replace datasource name with a reference object.
- Dashboards: Show logs on time series when hovering.
- Elasticsearch: Add support for Elasticsearch 8.0 (Beta).
- Elasticsearch: Add time zone setting to Date Histogram aggregation.
- Elasticsearch: Enable full range log volume histogram.
- Elasticsearch: Full range logs volume.
- Explore: Allow changing the graph type.
- Explore: Show ANSI colors when highlighting matched words in the logs panel.
- Graph(old) panel: Listen to events from Time series panel.
- Import: Load gcom dashboards from URL.
- LibraryPanels: Improves export and import of library panels between orgs.
- OAuth: Support PKCE.
- Panel edit: Overrides now highlight correctly when searching.
- PanelEdit: Display drag indicators on draggable sections.
- Plugins: Refactor Plugin Management.
- Prometheus: Add custom query parameters when creating PromLink url.
- Prometheus: Remove limits on metrics, labels, and values in Metrics Browser.
- StateTimeline: Share cursor with rest of the panels.
- Tempo: Add error details when json upload fails.
- Tempo: Add filtering for service graph query.
- Tempo: Add links to nodes in Service Graph pointing to Prometheus metrics.
- Time series/Bar chart panel: Add ability to sort series via legend.
- TimeSeries: Allow multiple axes for the same unit.
- TraceView: Allow span links defined on dataFrame.
- Transformations: Support a rows mode in labels to fields.
- ValueMappings: Don't apply field config defaults to time fields.
- Variables: Only update panels that are impacted by variable change.
- API: Fix dashboard quota limit for imports.
- Alerting: Fix rule editor issues with Azure Monitor data source.
- Azure monitor: Make sure alert rule editor is not enabled when template variables are being used.
- CloudMonitoring: Fix annotation queries.
- CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor.
- Dashboard: Remove the current panel from the list of options in the Dashboard datasource.
- Encryption: Fix decrypting secrets in alerting migration.
- InfluxDB: Fix corner case where index is too large in ALIAS
- NavBar: Order App plugins alphabetically.
- NodeGraph: Fix zooming sensitivity on touchpads.
- Plugins: Add OAuth pass-through logic to api/ds/query endpoint.
- Snapshots: Fix panel inspector for snapshot data.
- Tempo: Fix basic auth password reset on adding tag.
- ValueMapping: Fixes issue with regex mappings.
- grafana/ui: Enable slider marks display.
- Update to version 8.2.7
- Update to version 8.2.6
- Security: Upgrade Docker base image to Alpine 3.14.3.
- Security: Upgrade Go to 1.17.2.
- TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated series.
- Update to version 8.2.5
- Fix No Data behaviour in Legacy Alerting.
- Alerting: Fix a bug where the metric in the evaluation string was not correctly populated.
- Alerting: Fix no data behaviour in Legacy Alerting for alert rules using the AND operator.
- CloudMonitoring: Ignore min and max aggregation in MQL queries.
- Dashboards: 'Copy' is no longer added to new dashboard titles.
- DataProxy: Fix overriding response body when response is a WebSocket upgrade.
- Elasticsearch: Use field configured in query editor as field for date_histogram aggregations.
- Explore: Fix running queries without a datasource property set.
- InfluxDB: Fix numeric aliases in queries.
- Plugins: Ensure consistent plugin settings list response.
- Tempo: Fix validation of float durations.
- Tracing: Correct tags for each span are shown.
- Update to version 8.2.4
- Security: Fixes CVE-2021-41244.
- Update to version 8.2.3
- Security: Fixes CVE-2021-41174.
- Update to version 8.2.2
- Annotations: We have improved tag search performance.
- Application: You can now configure an error-template title.
- AzureMonitor: We removed a restriction from the resource filter query.
- Packaging: We removed the ProcSubset option in systemd. This option prevented Grafana from starting in LXC environments.
- Prometheus: We removed the autocomplete limit for metrics.
- Table: We improved the styling of the type icons to make them more distinct from column / field name.
- ValueMappings: You can now use value mapping in stat, gauge, bar gauge, and pie chart visualizations.
- Alerting: Fix panic when Slack's API sends unexpected response.
- Alerting: The Create Alert button now appears on the dashboard panel when you are working with a default datasource.
- Explore: We fixed the problem where the Explore log panel disappears when an Elasticsearch logs query returns no results.
- Graph: You can now see annotation descriptions on hover.
- Logs: The system now uses the JSON parser only if the line is parsed to an object.
- Prometheus: We fixed the issue where the system did not reuse TCP connections when querying from Grafana alerting.
- Prometheus: We fixed the problem that resulted in an error when a user created a query with a $__interval min step.
- RowsToFields: We fixed the issue where the system was not properly interpreting number values.
- Scale: We fixed how the system handles NaN percent when data min = data max.
- Table panel: You can now create a filter that includes special characters.
- Update to version 8.2.1
- Dashboard: Fix rendering of repeating panels.
- Datasources: Fix deletion of data source if plugin is not found.
- Packaging: Remove systemcallfilters sections from systemd unit files.
- Prometheus: Add Headers to HTTP client options.
- Update to version 8.2.0
- AWS: Updated AWS authentication documentation.
- Alerting: Added support Alertmanager data source for upstream Prometheus AM implementation.
- Alerting: Allows more characters in label names so notifications are sent.
- Alerting: Get alert rules for a dashboard or a panel using /api/v1/rules endpoints.
- Annotations: Improved rendering performance of event markers.
- CloudWatch Logs: Skip caching for log queries.
- Explore: Added an opt-in configuration for Node Graph in Jaeger, Zipkin, and Tempo.
- Packaging: Add stricter systemd unit options.
- Prometheus: Metrics browser can now handle label values with
- CodeEditor: Ensure that we trigger the latest onSave callback provided to the component.
- DashboardList/AlertList: Fix for missing All folder value.
- Plugins: Create a mock icon component to prevent console errors.
- Update to version 8.2.0-beta2
- AccessControl: Document new permissions restricting data source access.
- TimePicker: Add fiscal years and search to time picker.
- Alerting: Added support for Unified Alerting with Grafana HA.
- Alerting: Added support for tune rule evaluation using configuration options.
- Alerting: Cleanups alertmanager namespace from key-value store when disabling Grafana 8 alerts.
- Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations.
- CloudWatch: Introduced new math expression where it is necessary to specify the period field.
- InfluxDB: Added support for $__interval and $__interval_ms in Flux queries for alerting.
- InfluxDB: Flux queries can use more precise start and end timestamps with nanosecond-precision.
- Plugins Catalog: Make the catalog the default way to interact with plugins.
- Prometheus: Removed autocomplete limit for metrics.
- Alerting: Fixed an issue where the edit page crashes if you tried to preview an alert without a condition set.
- Alerting: Fixed rules migration to keep existing Grafana 8 alert rules.
- Alerting: Fixed the silence file content generated during
- Analytics: Fixed an issue related to interaction event propagation in Azure Application Insights.
- BarGauge: Fixed an issue where the cell color was lit even though there was no data.
- BarGauge: Improved handling of streaming data.
- CloudMonitoring: Fixed INT64 label unmarshal error.
- ConfirmModal: Fixes confirm button focus on modal open.
- Dashboard: Add option to generate short URL for variables with values containing spaces.
- Explore: No longer hides errors containing refId property.
- Fixed an issue that produced State timeline panel tooltip error when data was not in sync.
- InfluxDB: InfluxQL query editor is set to always use resultFormat.
- Loki: Fixed creating context query for logs with parsed labels.
- PageToolbar: Fixed alignment of titles.
- Plugins Catalog: Update to the list of available panels after an install, update or uninstall.
- TimeSeries: Fixed an issue where the shared cursor was not showing when hovering over in old Graph panel.
- Variables: Fixed issues related to change of focus or refresh pages when pressing enter in a text box variable input.
- Variables: Panel no longer crash when using the adhoc variable in data links.
- Update to version 8.2.0-beta1
- AccessControl: Introduce new permissions to restrict access for reloading provisioning configuration.
- Alerting: Add UI to edit Cortex/Loki namespace, group names, and group evaluation interval.
- Alerting: Add a Test button to test contact point.
- Alerting: Allow creating/editing recording rules for Loki and Cortex.
- Alerting: Metrics should have the label org instead of user.
- Alerting: Sort notification channels by name to make them easier to locate.
- Alerting: Support org level isolation of notification
- AzureMonitor: Add data links to deep link to Azure Portal Azure Resource Graph.
- AzureMonitor: Add support for annotations from Azure Monitor Metrics and Azure Resource Graph services.
- AzureMonitor: Show error message when subscriptions request fails in ConfigEditor.
- Chore: Update to Golang 1.16.7.
- CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs.
- CloudWatch Logs: Disable query path using websockets (Live) feature.
- CloudWatch/Logs: Don't group dataframes for non time series
- Cloudwatch: Migrate queries that use multiple stats to one query per stat.
- Dashboard: Keep live timeseries moving left (v2).
- Datasources: Introduce response_limit for datasource responses.
- Explore: Add filter by trace or span ID to trace to logs
- Explore: Download traces as JSON in Explore Inspector.
- Explore: Reuse Dashboard's QueryRows component.
- Explore: Support custom display label for derived fields buttons for Loki datasource.
- Grafana UI: Update monaco-related dependencies.
- Graphite: Deprecate browser access mode.
- InfluxDB: Improve handling of intervals in alerting.
- InfluxDB: InfluxQL query editor: Handle unusual characters in tag values better.
- Jaeger: Add ability to upload JSON file for trace data.
- LibraryElements: Enable specifying UID for new and existing library elements.
- LibraryPanels: Remove library panel icon from the panel header so you can no longer tell that a panel is a library panel from the dashboard view.
- Logs panel: Scroll to the bottom on page refresh when sorting in ascending order.
- Loki: Add fuzzy search to label browser.
- Navigation: Implement active state for items in the Sidemenu.
- Packaging: Update PID file location from /var/run to /run.
- Plugins: Add Hide OAuth Forward config option.
- Postgres/MySQL/MSSQL: Add setting to limit the maximum number of rows processed.
- Prometheus: Add browser access mode deprecation warning.
- Prometheus: Add interpolation for built-in-time variables to backend.
- Tempo: Add ability to upload trace data in JSON format.
- TimeSeries/XYChart: Allow grid lines visibility control in XYChart and TimeSeries panels.
- Transformations: Convert field types to time string number or boolean.
- Value mappings: Add regular-expression based value mapping.
- Zipkin: Add ability to upload trace JSON.
- Admin: Prevent user from deleting user's current/active organization.
- LibraryPanels: Fix library panel getting saved in the dashboard's folder.
- OAuth: Make generic teams URL and JMES path configurable.
- QueryEditor: Fix broken copy-paste for mouse middle-click
- Thresholds: Fix undefined color in 'Add threshold'.
- Timeseries: Add wide-to-long, and fix multi-frame output.
- TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set to All.
- Grafana UI: Fix TS error property css is missing in type.
- Update to version 8.1.8
- Update to version 8.1.7
- Alerting: Fix alerts with evaluation interval more than 30 seconds resolving before notification.
- Elasticsearch/Prometheus: Fix usage of proper SigV4 service namespace.
- Update to version 8.1.6
- Security: Fixes CVE-2021-39226.
- Update to version 8.1.5
- BarChart: Fixes panel error that happens on second refresh.
- Update to version 8.1.4
- Features and enhancements
- Explore: Ensure logs volume bar colors match legend colors.
- LDAP: Search all DNs for users.
- Alerting: Fix notification channel migration.
- Annotations: Fix blank panels for queries with unknown data sources.
- BarChart: Fix stale values and x axis labels.
- Graph: Make old graph panel thresholds work even if ngalert is enabled.
- InfluxDB: Fix regex to identify / as separator.
- LibraryPanels: Fix update issues related to library panels in rows.
- Variables: Fix variables not updating inside a Panel when the preceding Row uses 'Repeat For'.
- Update to version 8.1.3
- Bug fixes
- Alerting: Fix alert flapping in the internal alertmanager.
- Alerting: Fix request handler failed to convert dataframe 'results' to plugins.DataTimeSeriesSlice: input frame is not recognized as a time series.
- Dashboard: Fix UIDs are not preserved when importing/creating dashboards thru importing .json file.
- Dashboard: Forces panel re-render when exiting panel edit.
- Dashboard: Prevent folder from changing when navigating to general settings.
- Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix CVE-2021-3711.
- Elasticsearch: Fix metric names for alert queries.
- Elasticsearch: Limit Histogram field parameter to numeric values.
- Elasticsearch: Prevent pipeline aggregations to show up in terms order by options.
- LibraryPanels: Prevent duplicate repeated panels from being created.
- Loki: Fix ad-hoc filter in dashboard when used with parser.
- Plugins: Track signed files + add warn log for plugin assets which are not signed.
- Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly.
- Prometheus: Fix validate selector in metrics browser.
- Security: Fix stylesheet injection vulnerability.
- Security: Fix short URL vulnerability.
- Update to version 8.1.2
- AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers.
- Datasource: Change HTTP status code for failed datasource health check to 400.
- Explore: Add span duration to left panel in trace viewer.
- Plugins: Use file extension allowlist when serving plugin assets instead of checking for UNIX executable.
- Profiling: Add support for binding pprof server to custom network interfaces.
- Search: Make search icon keyboard navigable.
- Template variables: Keyboard navigation improvements.
- Tooltip: Display ms within minute time range.
- Alerting: Fix saving LINE contact point.
- Annotations: Fix alerting annotation coloring.
- Annotations: Alert annotations are now visible in the correct Panel.
- Auth: Hide SigV4 config UI and disable middleware when its config flag is disabled.
- Dashboard: Prevent incorrect panel layout by comparing window width against theme breakpoints.
- Explore: Fix showing of full log context.
- PanelEdit: Fix 'Actual' size by passing the correct panel size to Dashboard.
- Plugins: Fix TLS datasource settings.
- Variables: Fix issue with empty drop downs on navigation.
- Variables: Fix URL util converting false into true.
- Toolkit: Fix matchMedia not found error.
- Update to version 8.1.1
- CloudWatch Logs: Fix crash when no region is selected.
- Update to version 8.1.0
- Alerting: Deduplicate receivers during migration.
- ColorPicker: Display colors as RGBA.
- Select: Make portalling the menu opt-in, but opt-in everywhere.
- TimeRangePicker: Improve accessibility.
- Annotations: Correct annotations that are displayed upon page refresh.
- Annotations: Fix Enabled button that disappeared from Grafana v8.0.6.
- Annotations: Fix data source template variable that was not available for annotations.
- AzureMonitor: Fix annotations query editor that does not load.
- Geomap: Fix scale calculations.
- GraphNG: Fix y-axis autosizing.
- Live: Display stream rate and fix duplicate channels in list
- Loki: Update labels in log browser when time range changes in dashboard.
- NGAlert: Send resolve signal to alertmanager on alerting -> Normal.
- PasswordField: Prevent a password from being displayed when you click the Enter button.
- Renderer: Remove debug.log file when Grafana is stopped.
- Security: Update dependencies to fix CVE-2021-36222.
- Update to version 8.1.0-beta3
- Alerting: Support label matcher syntax in alert rule list filter.
- IconButton: Put tooltip text as aria-label.
- Live: Experimental HA with Redis.
- UI: FileDropzone component.
- CloudWatch: Add AWS LookoutMetrics.
- Docker: Fix builds by delaying go mod verify until all required files are copied over.
- Exemplars: Fix disable exemplars only on the query that failed.
- SQL: Fix SQL dataframe resampling (fill mode + time intervals).
- Update to version 8.1.0-beta2
- Alerting: Expand the value string in alert annotations and
- Auth: Add Azure HTTP authentication middleware.
- Auth: Auth: Pass user role when using the authentication proxy.
- Gazetteer: Update countries.json file to allow for linking to 3-letter country codes.
- Config: Fix Docker builds by correcting formatting in sample.ini.
- Explore: Fix encoding of internal URLs.
- Update to version 8.1.0-beta1
- Alerting: Add Alertmanager notifications tab.
- Alerting: Add button to deactivate current Alertmanager
- Alerting: Add toggle in Loki/Prometheus data source configuration to opt out of alerting UI.
- Alerting: Allow any 'evaluate for' value >=0 in the alert rule form.
- Alerting: Load default configuration from status endpoint, if Cortex Alertmanager returns empty user configuration.
- Alerting: view to display alert rule and its underlying data.
- Annotation panel: Release the annotation panel.
- Annotations: Add typeahead support for tags in built-in annotations.
- AzureMonitor: Add curated dashboards for Azure services.
- AzureMonitor: Add support for deep links to Microsoft Azure portal for Metrics.
- AzureMonitor: Remove support for different credentials for Azure Monitor Logs.
- AzureMonitor: Support querying any Resource for Logs queries.
- Elasticsearch: Add frozen indices search support.
- Elasticsearch: Name fields after template variables values instead of their name.
- Elasticsearch: add rate aggregation.
- Email: Allow configuration of content types for email notifications.
- Explore: Add more meta information when line limit is hit.
- Explore: UI improvements to trace view.
- FieldOverrides: Added support to change display name in an override field and have it be matched by a later rule.
- HTTP Client: Introduce dataproxy_max_idle_connections config variable.
- InfluxDB: InfluxQL: adds tags to timeseries data.
- InfluxDB: InfluxQL: make measurement search case insensitive. Legacy Alerting: Replace simplejson with a struct in webhook notification channel.
- Legend: Updates display name for Last (not null) to just Last*.
- Logs panel: Add option to show common labels.
- Loki: Add $__range variable.
- Loki: Add support for 'label_values(log stream selector, label)' in templating.
- Loki: Add support for ad-hoc filtering in dashboard.
- MySQL Datasource: Add timezone parameter.
- NodeGraph: Show gradient fields in legend.
- PanelOptions: Don't mutate panel options/field config object when updating.
- PieChart: Make pie gradient more subtle to match other charts.
- Prometheus: Update PromQL typeahead and highlighting.
- Prometheus: interpolate variable for step field.
- Provisioning: Improve validation by validating across all dashboard providers.
- SQL Datasources: Allow multiple string/labels columns with time series.
- Select: Portal select menu to document.body.
- Team Sync: Add group mapping to support team sync in the Generic OAuth provider.
- Tooltip: Make active series more noticeable.
- Tracing: Add support to configure trace to logs start and end time.
- Transformations: Skip merge when there is only a single data frame.
- ValueMapping: Added support for mapping text to color, boolean values, NaN and Null. Improved UI for value mapping.
- Visualizations: Dynamically set any config (min, max, unit, color, thresholds) from query results.
- live: Add support to handle origin without a value for the port when matching with root_url.
- Alerting: Handle marshaling Inf values.
- AzureMonitor: Fix macro resolution for template variables.
- AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes resources.
- AzureMonitor: Request and concat subsequent resource pages.
- Bug: Fix parse duration for day.
- Datasources: Improve error handling for error messages.
- Explore: Correct the functionality of shift-enter shortcut across all uses.
- Explore: Show all dataFrames in data tab in Inspector.
- GraphNG: Fix Tooltip mode 'All' for XYChart.
- Loki: Fix highlight of logs when using filter expressions with backticks.
- Modal: Force modal content to overflow with scroll.
- Plugins: Ignore symlinked folders when verifying plugin signature.
- Toolkit: Improve error messages when tasks fail.
- Update to version 8.0.7
- Update to version 8.0.6
- Alerting: Add annotation upon alert state change.
- Alerting: Allow space in label and annotation names.
- InfluxDB: Improve legend labels for InfluxDB query results.
- Alerting: Fix improper alert by changing the handling of empty labels.
- CloudWatch/Logs: Reestablish Cloud Watch alert behavior.
- Dashboard: Avoid migration breaking on fieldConfig without defaults field in folded panel.
- DashboardList: Fix issue not re-fetching dashboard list after variable change.
- Database: Fix incorrect format of isolation level configuration parameter for MySQL.
- InfluxDB: Correct tag filtering on InfluxDB data.
- Links: Fix links that caused a full page reload.
- Live: Fix HTTP error when InfluxDB metrics have an incomplete or asymmetrical field set.
- Postgres/MySQL/MSSQL: Change time field to 'Time' for time series queries.
- Postgres: Fix the handling of a null return value in query
- Tempo: Show hex strings instead of uints for IDs.
- TimeSeries: Improve tooltip positioning when tooltip overflows.
- Transformations: Add 'prepare time series' transformer.
- Update to version 8.0.5
- Cloudwatch Logs: Send error down to client.
- Folders: Return 409 Conflict status when folder already exists.
- TimeSeries: Do not show series in tooltip if it's hidden in the viz.
- AzureMonitor: Fix issue where resource group name is missing on the resource picker button.
- Chore: Fix AWS auth assuming role with workspace IAM.
- DashboardQueryRunner: Fixes unrestrained subscriptions being
- DateFormats: Fix reading correct setting key for use_browser_locale.
- Links: Fix links to other apps outside Grafana when under sub path.
- Snapshots: Fix snapshot absolute time range issue.
- Table: Fix data link color.
- Time Series: Fix X-axis time format when tick increment is larger than a year.
- Tooltip Plugin: Prevent tooltip render if field is undefined.
- Update to version 8.0.4
- Live: Rely on app url for origin check.
- PieChart: Sort legend descending, update placeholder.
- TimeSeries panel: Do not reinitialize plot when thresholds mode change.
- Elasticsearch: Allow case sensitive custom options in date_histogram interval.
- Elasticsearch: Restore previous field naming strategy when using variables.
- Explore: Fix import of queries between SQL data sources.
- InfluxDB: InfluxQL query editor: fix retention policy handling.
- Loki: Send correct time range in template variable queries.
- TimeSeries: Preserve RegExp series overrides when migrating from old graph panel.
- Update to version 8.0.3
- Alerting: Increase alertmanager_conf column if MySQL.
- Time series/Bar chart panel: Handle infinite numbers as nulls when converting to plot array.
- TimeSeries: Ensure series overrides that contain color are migrated, and migrate the previous fieldConfig when changing the panel type.
- ValueMappings: Improve singlestat value mappings migration.
- Annotations: Fix annotation line and marker colors.
- AzureMonitor: Fix KQL template variable queries without default workspace.
- CloudWatch/Logs: Fix missing response data for log queries.
- LibraryPanels: Fix crash in library panels list when panel plugin is not found.
- LogsPanel: Fix performance drop when moving logs panel in
- Loki: Parse log levels when ANSI coloring is enabled.
- MSSQL: Fix issue with hidden queries still being executed.
- PanelEdit: Display the VisualizationPicker that was not displayed if a panel has an unknown panel plugin.
- Plugins: Fix loading symbolically linked plugins.
- Prometheus: Fix issue where legend name was replaced with name Value in stat and gauge panels.
- State Timeline: Fix crash when hovering over panel.
- Update to version 8.0.2
- Datasource: Add support for max_conns_per_host in dataproxy settings.
- Configuration: Fix changing org preferences in FireFox.
- PieChart: Fix legend dimension limits.
- Postgres/MySQL/MSSQL: Fix panic in concurrent map writes.
- Variables: Hide default data source if missing from regex.
- Update to version 8.0.1
- Alerting/SSE: Fix 'count_non_null' reducer validation.
- Cloudwatch: Fix duplicated time series.
- Cloudwatch: Fix missing defaultRegion.
- Dashboard: Fix Dashboard init failed error on dashboards with old singlestat panels in collapsed rows.
- Datasource: Fix storing timeout option as numeric.
- Postgres/MySQL/MSSQL: Fix annotation parsing for empty
- Postgres/MySQL/MSSQL: Numeric/non-string values are now returned from query variables.
- Postgres: Fix an error that was thrown when the annotation query did not return any results.
- StatPanel: Fix an issue with the appearance of the graph when switching color mode.
- Visualizations: Fix an issue in the Stat/BarGauge/Gauge/PieChart panels where all values mode were showing the same name if they had the same value.
- Toolkit: Resolve external fonts when Grafana is served from a sub path.
- Update to version 8.0.0
- The following endpoints were deprecated for Grafana v5.0 and support for them has now been removed: GET /dashboards/db/:slug GET /dashboard-solo/db/:slug GET /api/dashboard/db/:slug DELETE /api/dashboards/db/:slug
- AzureMonitor: Require default subscription for workspaces() template variable query.
- AzureMonitor: Use resource type display names in the UI.
- Dashboard: Remove support for loading and deleting dashboard by slug.
- InfluxDB: Deprecate direct browser access in data source.
- VizLegend: Add a read-only property.
- AzureMonitor: Fix Azure Resource Graph queries in Azure China.
- Checkbox: Fix vertical layout issue with checkboxes due to fixed height.
- Dashboard: Fix Table view when editing causes the panel data to not update.
- Dashboard: Fix issues where unsaved-changes warning is not displayed.
- Login: Fixes Unauthorized message showing when on login page or snapshot page.
- NodeGraph: Fix sorting markers in grid view.
- Short URL: Include orgId in generated short URLs.
- Variables: Support raw values of boolean type.
- Update to version 8.0.0-beta3
- The default HTTP method for Prometheus data source is now POST.
- API: Support folder UID in dashboards API.
- Alerting: Add support for configuring avatar URL for the Discord notifier.
- Alerting: Clarify that Threema Gateway Alerts support only Basic IDs.
- Azure: Expose Azure settings to external plugins.
- AzureMonitor: Deprecate using separate credentials for Azure Monitor Logs.
- AzureMonitor: Display variables in resource picker for Azure
- AzureMonitor: Hide application insights for data sources not using it.
- AzureMonitor: Support querying subscriptions and resource groups in Azure Monitor Logs.
- AzureMonitor: remove requirement for default subscription.
- CloudWatch: Add Lambda@Edge Amazon CloudFront metrics.
- CloudWatch: Add missing AWS AppSync metrics.
- ConfirmModal: Auto focus delete button.
- Explore: Add caching for queries that are run from logs
- Loki: Add formatting for annotations.
- Loki: Bring back processed bytes as meta information.
- NodeGraph: Display node graph collapsed by default with trace view.
- Overrides: Include a manual override option to hide something from visualization.
- PieChart: Support row data in pie charts.
- Prometheus: Update default HTTP method to POST for existing data sources.
- Time series panel: Position tooltip correctly when window is scrolled or resized.
- Admin: Fix infinite loading edit on the profile page.
- Color: Fix issues with random colors in string and date
- Dashboard: Fix issue with title or folder change has no effect after exiting settings view.
- DataLinks: Fix an issue __series.name is not working in data link.
- Datasource: Fix dataproxy timeout should always be applied for outgoing data source HTTP requests.
- Elasticsearch: Fix NewClient not passing httpClientProvider to client impl.
- Explore: Fix Browser title not updated on Navigation to Explore.
- GraphNG: Remove fieldName and hideInLegend properties from UPlotSeriesBuilder.
- OAuth: Fix fallback to auto_assign_org_role setting for Azure AD OAuth when no role claims exists.
- PanelChrome: Fix issue with empty panel after adding a non data panel and coming back from panel edit.
- StatPanel: Fix data link tooltip not showing for single value.
- Table: Fix sorting for number fields.
- Table: Have text underline for datalink, and add support for image datalink.
- Transformations: Prevent FilterByValue transform from crashing panel edit.
- Update to version 8.0.0-beta2
- AppPlugins: Expose react-router to apps.
- AzureMonitor: Add Azure Resource Graph.
- AzureMonitor: Managed Identity configuration UI.
- AzureMonitor: Token provider with support for Managed Identities.
- AzureMonitor: Update Logs workspace() template variable query to return resource URIs.
- BarChart: Value label sizing.
- CloudMonitoring: Add support for preprocessing.
- CloudWatch: Add AWS/EFS StorageBytes metric.
- CloudWatch: Allow use of missing AWS namespaces using custom
- Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy.
- InfluxDB: InfluxQL: allow empty tag values in the query editor.
- Instrumentation: Instrument incoming HTTP request with histograms by default.
- Library Panels: Add name endpoint & unique name validation to AddLibraryPanelModal.
- Logs panel: Support details view.
- PieChart: Always show the calculation options dropdown in the
- PieChart: Remove beta flag.
- Plugins: Enforce signing for all plugins.
- Plugins: Remove support for deprecated backend plugin protocol version.
- Tempo/Jaeger: Add better display name to legend.
- Timeline: Add time range zoom.
- Timeline: Adds opacity & line width option.
- Timeline: Value text alignment option.
- ValueMappings: Add duplicate action, and disable dismiss on backdrop click.
- Zipkin: Add node graph view to trace response.
- Annotations panel: Remove subpath from dashboard links.
- Content Security Policy: Allow all image sources by default.
- Content Security Policy: Relax default template wrt. loading of scripts, due to nonces not working.
- Datasource: Fix tracing propagation for alert execution by introducing HTTP client outgoing tracing middleware.
- InfluxDB: InfluxQL always apply time interval end.
- Library Panels: Fixes 'error while loading library panels'.
- NewsPanel: Fixes rendering issue in Safari.
- PanelChrome: Fix queries being issued again when scrolling in and out of view.
- Plugins: Fix Azure token provider cache panic and auth param nil value.
- Snapshots: Fix key and deleteKey being ignored when creating an external snapshot.
- Table: Fix issue with cell border not showing with colored background cells.
- Table: Makes tooltip scrollable for long JSON values.
- TimeSeries: Fix for Connected null values threshold toggle during panel editing.
- Variables: Fixes inconsistent selected states on dashboard
- Variables: Refreshes all panels even if panel is full screen.
- QueryField: Remove carriage return character from pasted text.
- Update to version 8.0.0-beta1
- License update:
- AGPL License: Update license from Apache 2.0 to the GNU Affero General Public License (AGPL).
- Removes the never refresh option for Query variables.
- Removes the experimental Tags feature for Variables.
- Deprecations:
- The InfoBox & FeatureInfoBox are now deprecated please use the Alert component instead with severity info.
- API: Add org users with pagination.
- API: Return 404 when deleting nonexistent API key.
- API: Return query results as JSON rather than base64 encoded Arrow.
- Alerting: Allow sending notification tags to Opsgenie as extra properties.
- Alerts: Replaces all uses of InfoBox & FeatureInfoBox with Alert.
- Auth: Add support for JWT Authentication.
- AzureMonitor: Add support for Microsoft.SignalRService/SignalR metrics.
- AzureMonitor: Azure settings in Grafana server config.
- AzureMonitor: Migrate Metrics query editor to React.
- BarChart panel: enable series toggling via legend.
- BarChart panel: Adds support for Tooltip in BarChartPanel.
- PieChart panel: Change look of highlighted pie slices.
- CloudMonitoring: Migrate config editor from angular to react.
- CloudWatch: Add Amplify Console metrics and dimensions.
- CloudWatch: Add missing Redshift metrics to CloudWatch data
- CloudWatch: Add metrics for managed RabbitMQ service.
- DashboardList: Enable templating on search tag input.
- Datasource config: correctly remove single custom http header.
- Elasticsearch: Add generic support for template variables.
- Elasticsearch: Allow omitting field when metric supports inline script.
- Elasticsearch: Allow setting a custom limit for log queries.
- Elasticsearch: Guess field type from first non-empty value.
- Elasticsearch: Use application/x-ndjson content type for multisearch requests.
- Elasticsearch: Use semver strings to identify ES version.
- Explore: Add logs navigation to request more logs.
- Explore: Map Graphite queries to Loki.
- Explore: Scroll split panes in Explore independently.
- Explore: Wrap each panel in separate error boundary.
- FieldDisplay: Smarter naming of stat values when visualising row values (all values) in stat panels.
- Graphite: Expand metric names for variables.
- Graphite: Handle unknown Graphite functions without breaking the visual editor.
- Graphite: Show graphite functions descriptions.
- Graphite: Support request cancellation properly (Uses new backendSrv.fetch Observable request API).
- InfluxDB: Flux: Improve handling of complex response-structures.
- InfluxDB: Support region annotations.
- Inspector: Download logs for manual processing.
- Jaeger: Add node graph view for trace.
- Jaeger: Search traces.
- Loki: Use data source settings for alerting queries.
- NodeGraph: Exploration mode.
- OAuth: Add support for empty scopes.
- PanelChrome: New logic-less emotion based component with no dependency on PanelModel or DashboardModel.
- PanelEdit: Adds a table view toggle to quickly view data in table form.
- PanelEdit: Highlight matched words when searching options.
- PanelEdit: UX improvements.
- Plugins: PanelRenderer and simplified QueryRunner to be used from plugins.
- Plugins: AuthType in route configuration and params interpolation.
- Plugins: Enable plugin runtime install/uninstall capabilities.
- Plugins: Support set body content in plugin routes.
- Plugins: Introduce marketplace app.
- Plugins: Moving the DataSourcePicker to grafana/runtime so it can be reused in plugins.
- Prometheus: Add custom query params for alert and exemplars
- Prometheus: Use fuzzy string matching to autocomplete metric names and label.
- Routing: Replace Angular routing with react-router.
- Slack: Use chat.postMessage API by default.
- Tempo: Search for Traces by querying Loki directly from Tempo.
- Tempo: Show graph view of the trace.
- Themes: Switch theme without reload using global shortcut.
- TimeSeries panel: Add support for shared cursor.
- TimeSeries panel: Do not crash the panel if there is no time series data in the response.
- Variables: Do not save repeated panels, rows and scopedVars.
- Variables: Removes experimental Tags feature.
- Variables: Removes the never refresh option.
- Visualizations: Unify tooltip options across visualizations.
- Visualizations: Refactor and unify option creation between new visualizations.
- Visualizations: Remove singlestat panel.
- APIKeys: Fixes issue with adding first api key.
- Alerting: Add checks for non supported units - disable defaulting to seconds.
- Alerting: Fix issue where Slack notifications won't link to user IDs.
- Alerting: Omit empty message in PagerDuty notifier.
- AzureMonitor: Fix migration error from older versions of App Insights queries.
- CloudWatch: Fix AWS/Connect dimensions.
- CloudWatch: Fix broken AWS/MediaTailor dimension name.
- Dashboards: Allow string manipulation as advanced variable format option.
- DataLinks: Includes harmless extended characters like Cyrillic characters.
- Drawer: Fixes title overflowing its container.
- Explore: Fix issue when some query errors were not shown.
- Generic OAuth: Prevent adding duplicated users.
- Graphite: Handle invalid annotations.
- Graphite: Fix autocomplete when tags are not available.
- InfluxDB: Fix Cannot read property 'length' of undefined in when parsing response.
- Instrumentation: Enable tracing when Jaeger host and port are
- Instrumentation: Prefix metrics with grafana.
- MSSQL: By default let driver choose port.
- OAuth: Add optional strict parsing of role_attribute_path.
- Panel: Fixes description markdown with inline code being rendered on newlines and full width.
- PanelChrome: Ignore data updates & errors for non data panels.
- Permissions: Fix inherited folder permissions can prevent new permissions being added to a dashboard.
- Plugins: Remove pre-existing plugin installs when installing with grafana-cli.
- Plugins: Support installing to folders with whitespace and fix pluginUrl trailing and leading whitespace failures.
- Postgres/MySQL/MSSQL: Don't return connection failure details to the client.
- Postgres: Fix ms precision of interval in time group macro when TimescaleDB is enabled.
- Provisioning: Use dashboard checksum field as change indicator.
- SQL: Fix so that all captured errors are returned from sql engine.
- Shortcuts: Fixes panel shortcuts so they always work.
- Table: Fixes so border is visible for cells with links.
- Variables: Clear query when data source type changes.
- Variables: Filters out builtin variables from unknown list.
- Button: Introduce buttonStyle prop.
- DataQueryRequest: Remove deprecated props showingGraph and showingTabel and exploreMode.
- grafana/ui: Update React Hook Form to v7.
- IconButton: Introduce variant for red and blue icon buttons.
- Plugins: Expose the getTimeZone function to be able to get the current selected timeZone.
- TagsInput: Add className to TagsInput.
- VizLegend: Move onSeriesColorChanged to PanelContext (breaking change).
- Update to version 7.5.13
- Alerting: Fix NoDataFound for alert rules using AND operator.
salt:
- Update generated documentation to 3004
- Expose missing 'ansible' module functions in Salt 3004 (bsc#1195625)
- Fix salt-call event.send with pillar or grains
- Fix exception in batch_async caused by a bad function call
- Fix inspector module export function (bsc#1097531)
- Wipe NOTIFY_SOCKET from env in cmdmod (bsc#1193357)
- Update to version 3004, see release notes: https://docs.saltproject.io/en/master/topics/releases/3004.html
spacecmd:
- Version 4.3.7-1
- Include group formulas configuration in spacecmd group_backup and spacecmd group_restore. This changes backup format to json, previously used plain text is still supported for reading (bsc#1190462)
- Fix interactive mode for 'system_applyerrata' and 'errata_apply' (bsc#1194363)
- Version 4.3.6-1
- Update translation strings
spacewalk-client-tools:
- Version 4.3.6-1
- Update translation strings
- ID
- SUSE-SU-2022:0751-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20220751-1/
- Published
-
2022-03-08T11:26:12
(2 years ago) - Modified
-
2022-03-08T11:26:12
(2 years ago) - Rights
- Copyright 2023 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALPINE:CVE-2021-36222
- ALPINE:CVE-2021-3711
- ALPINE:CVE-2021-41244
- ALPINE:CVE-2021-43798
- ALPINE:CVE-2021-43813
- ALPINE:CVE-2021-43815
- ALPINE:CVE-2022-21673
- ALPINE:CVE-2022-21702
- ALPINE:CVE-2022-21703
- ALPINE:CVE-2022-21713
- ALSA-2021:3576
- ALSA-2021:3771
- ALSA-2022:1781
- ALSA-2022:7519
- ALSA-2022:8057
- ASA-202111-5
- ASA-202111-6
- ASA-202112-11
- CISA-2022:0825
- DSA-4944-1
- DSA-4963-1
- ELSA-2021-3576
- ELSA-2021-3771
- ELSA-2022-1781
- ELSA-2022-7519
- ELSA-2022-8057
- FEDORA-2021-01588ab0bf
- FEDORA-2021-2bae525fd3
- FEDORA-2021-8b25e4642f
- FEDORA-2021-dd83dc8b0b
- FEDORA-2022-6e6b59a682
- FEDORA-2022-83405f9d5b
- FEDORA-2022-9dd03cab55
- FEDORA-2022-c5383675d9
- FEDORA-2022-c6ae206be7
- FREEBSD:4B478274-47A0-11EC-BD24-6C3BE5272ACD
- FREEBSD:757EE63B-269A-11EC-A616-6C3BE5272ACD
- FREEBSD:96811D4A-04EC-11EC-9B84-D4C9EF517024
- FREEBSD:99BFF2BD-4852-11EC-A828-6C3BE5272ACD
- FREEBSD:A994FF7D-5B3F-11EC-8398-6C3BE5272ACD
- FREEBSD:C2A7DE31-5B42-11EC-8398-6C3BE5272ACD
- FREEBSD:C9387E4D-2F5F-11EC-8BE6-D4C9EF517024
- FREEBSD:CECBC674-8B83-11EC-B369-6C3BE5272ACD
- FREEBSD:D4284C2E-8B83-11EC-B369-6C3BE5272ACD
- FREEBSD:D71D154A-8B83-11EC-B369-6C3BE5272ACD
- FREEBSD:E33880ED-5802-11EC-8398-6C3BE5272ACD
- GLSA-202209-02
- GLSA-202210-02
- GLSA-202405-11
- MS:CVE-2021-36222
- MS:CVE-2021-3711
- NPM:GHSA-3J9M-HCV9-RPJ8
- openSUSE-SU-2021:1182-1
- openSUSE-SU-2021:1188-1
- openSUSE-SU-2021:2800-1
- openSUSE-SU-2021:2830-1
- openSUSE-SU-2022:0140-1
- openSUSE-SU-2022:0283-1
- RHSA-2021:3576
- RHSA-2021:3771
- RHSA-2022:1781
- RHSA-2022:7519
- RHSA-2022:8057
- RLSA-2021:3771
- RLSA-2022:1781
- RLSA-2022:7519
- RLSA-2022:8057
- RUSTSEC-2021-0097
- SECADV-20210824-1
- SUSE-SU-2021:2800-1
- SUSE-SU-2021:2830-1
- SUSE-SU-2021:2833-1
- SUSE-SU-2022:0138-1
- SUSE-SU-2022:0139-1
- SUSE-SU-2022:0283-1
- SUSE-SU-2022:0310-1
- SUSE-SU-2022:0311-1
- SUSE-SU-2022:1396-1
- SUSE-SU-2022:1729-1
- SUSE-SU-2022:2134-1
- SUSE-SU-2022:3338-1
- SUSE-SU-2022:3339-1
- SUSE-SU-2022:3425-1
- SUSE-SU-2022:3676-1
- SUSE-SU-2022:3765-1
- SUSE-SU-2022:4428-1
- SUSE-SU-2022:4437-1
- SUSE-SU-2022:4439-1
- SUSE-SU-2024:0191-1
- SUSE-SU-2024:0196-1
- SUSE-SU-2024:0486-1
- SUSE-SU-2024:0487-1
- USN-5051-1
- USN-5959-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |