1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:0751-1

[SUSE-SU-2022:0751-1] Security Beta update for SUSE Manager Client Tools

Severity Moderate
CVEs 12
Info References Vulnerabilities

Security Beta update for SUSE Manager Client Tools

This security update fixes the following issues:

golang-github-prometheus-prometheus:

  • Upgrade to upstream version 2.32.1 (jsc#SLE-22863)
    • Bugfixes:
    • Scrape: Fix reporting metrics when sample limit is reached during the report. #9996
    • Scrape: Ensure that scrape interval and scrape timeout are always set. #10023
    • TSDB: Expose and fix bug in iterators' Seek() method. #10030
  • Upgrade to upstream version 2.32.0
    • Change:
    • remote-write: Change default max retry time from 100ms to 5 seconds. #9634
    • Features:
    • Agent: New mode of operation optimized for remote-write only scenarios, without local storage.
    • Promtool: Add promtool check service-discovery command. #8970
    • Enhancements:
    • Promtool: Improve test output. #8064
    • Promtool: Use kahan summation for better numerical stability.
    • Remote-write: Reuse memory for marshalling. #9412
    • Scrape: Add scrape_body_size_bytes scrape metric behind the --enable-feature=extra-scrape-metrics flag. #9569
    • TSDB: Add windows arm64 support. #9703
    • TSDB: Optimize query by skipping unneeded sorting in TSDB.
    • Templates: Support int and uint as datatypes for template formatting. #9680
    • UI: Prefer rate over rad, delta over deg, and count over cos in autocomplete. #9688
    • TSDB: Add more size checks when writing individual sections in the index. #9710
    • PromQL: Make deriv() return zero values for constant series.
    • TSDB: Fix panic when checkpoint directory is empty. #9687
    • TSDB: Fix panic, out of order chunks, and race warning during WAL replay. #9856
    • UI: Correctly render links for targets with IPv6 addresses that contain a Zone ID. #9853
    • Promtool: Fix checking of authorization.credentials_file and bearer_token_file fields. #9883
    • Uyuni SD: Fix null pointer exception during initialization.
    • TSDB: Fix queries after a failed snapshot replay. #9980
  • Upgrade to upstream version 2.31.1
    • Bugfix:
    • SD: Fix a panic when the experimental discovery manager receives targets during a reload. #9656
  • Upgrade to upstream version 2.31.0
    • UI: Remove standard PromQL editor in favour of the codemirror-based editor. #9452
    • PromQL: Add trigonometric functions and atan2 binary operator. #9239 #9248 #9515
    • Remote: Add support for exemplar in the remote write receiver endpoint. #9319 #9414
    • SD: Add PuppetDB service discovery. #8883
    • SD: Add Uyuni service discovery. #8190
    • Web: Add support for security-related HTTP headers. #9546
    • Azure SD: Add proxy_url, follow_redirects, tls_config. #9267
    • Backfill: Add --max-block-duration in promtool create-blocks-from rules. #9511
    • Config: Print human-readable sizes with unit instead of raw numbers. #9361
    • HTTP: Re-enable HTTP/2. #9398
    • Kubernetes SD: Warn user if number of endpoints exceeds limit. #9467
    • OAuth2: Add TLS configuration to token requests. #9550
    • PromQL: Several optimizations. #9365 #9360 #9362 #9552
    • PromQL: Make aggregations deterministic in instant queries.
    • Rules: Add the ability to limit number of alerts or series.
    • SD: Experimental discovery manager to avoid restarts upon reload.
    • UI: Debounce timerange setting changes. #9359
    • Backfill: Apply rule labels after query labels. #9421
    • Scrape: Resolve conflicts between multiple exported label prefixes. #9479 #9518
    • Scrape: Restart scrape loops when scrape_interval is changed. #9551
    • TSDB: Fix memory leak in samples deletion. #9151
    • UI: Use consistent margin-bottom for all alert kinds. #9318
  • Upgrade to upstream version 2.30.3
    • TSDB: Fix panic on failed snapshot replay. #9438
    • TSDB: Don't fail snapshot replay with exemplar storage disabled when the snapshot contains exemplars. #9438
  • Upgrade to upstream version 2.30.2
    • TSDB: Don't error on overlapping m-mapped chunks during WAL replay. #9381
  • Upgrade to upstream version 2.30.1
    • Remote Write: Redact remote write URL when used for metric label. #9383
    • UI: Redact remote write URL and proxy URL passwords in the /config page. #9408
    • promtool rules backfill: Prevent creation of data before the start time. #9339
    • promtool rules backfill: Do not query after the end time.
    • Azure SD: Fix panic when no computername is set. #9387
  • Upgrade to upstream version 2.30.0
    • experimental TSDB: Snapshot in-memory chunks on shutdown for faster restarts. #7229
    • experimental Scrape: Configure scrape interval and scrape timeout via relabeling using scrape_interval and scrape_timeout labels respectively. #8911
    • Scrape: Add scrape_timeout_seconds and scrape_sample_limit metric. #9247 #9295
    • Scrape: Add --scrape.timestamp-tolerance flag to adjust scrape timestamp tolerance when enabled via --scrape.adjust-timestamps. #9283
    • Remote Write: Improve throughput when sending exemplars.
    • TSDB: Optimise WAL loading by removing extra map and caching min-time #9160
    • promtool: Speed up checking for duplicate rules. #9262/#9306
    • Scrape: Reduce allocations when parsing the metrics. #9299
    • docker_sd: Support host network mode #9125
    • Exemplars: Fix panic when resizing exemplar storage from 0 to a non-zero size. #9286
    • TSDB: Correctly decrement prometheus_tsdb_head_active_appenders when the append has no samples. #9230
    • promtool rules backfill: Return 1 if backfill was unsuccessful. #9303
    • promtool rules backfill: Avoid creation of overlapping blocks. #9324
    • config: Fix a panic when reloading configuration with a null relabel action. #9224
  • Upgrade to upstream version 2.29.2
    • Fix Kubernetes SD failing to discover Ingress in Kubernetes v1.22. #9205
    • Fix data race in loading write-ahead-log (WAL). #9259
  • Upgrade to upstream version 2.29.1
    • TSDB: align atomically accessed int64 to prevent panic in 32-bit archs. #9192
  • Upgrade to upstream version 2.29.0
    • Changes:
    • Promote --storage.tsdb.allow-overlapping-blocks flag to stable. #9117
    • Promote --storage.tsdb.retention.size flag to stable. #9004
    • Add Kuma service discovery. #8844
    • Add present_over_time PromQL function. #9097
    • Allow configuring exemplar storage via file and make it reloadable. #8974
    • UI: Allow selecting time range with mouse drag. #8977
    • promtool: Add feature flags flag --enable-feature. #8958
    • promtool: Add file_sd file validation. #8950
    • Reduce blocking of outgoing remote write requests from series garbage collection. #9109
    • Improve write-ahead-log decoding performance. #9106
    • Improve append performance in TSDB by reducing mutexes usage.
    • Allow configuring max_samples_per_send for remote write metadata. #8959
    • Add __meta_gce_interface_ipv4_<name> meta label to GCE discovery. #8978
    • Add __meta_ec2_availability_zone_id meta label to EC2 discovery. #8896
    • Add __meta_azure_machine_computer_name meta label to Azure discovery. #9112
    • Add __meta_hetzner_hcloud_labelpresent_<labelname> meta label to Hetzner discovery. #9028
    • promtool: Add compaction efficiency to promtool tsdb analyze reports. #8940
    • promtool: Allow configuring max block duration for backfilling via --max-block-duration flag. #8919
    • UI: Add sorting and filtering to flags page. #8988
    • UI: Improve alerts page rendering performance. #9005
    • Log when total symbol size exceeds 232 bytes, causing compaction to fail, and skip compaction. #9104
    • Fix incorrect target_limit reloading of zero value. #9120
    • Fix head GC and pending readers race condition. #9081
    • Fix timestamp handling in OpenMetrics parser. #9008
    • Fix potential duplicate metrics in /federate endpoint when specifying multiple matchers. #8885
    • Fix server configuration and validation for authentication via client cert. #9123
    • Allow start and end again as label names in PromQL queries. They were disallowed since the introduction of @ timestamp feature. #9119
  • Upgrade to upstream version 2.28.1
    • HTTP SD: Allow charset specification in Content-Type header.
    • HTTP SD: Fix handling of disappeared target groups. #9019
    • Fix incorrect log-level handling after moving to go-kit/log.
  • Upgrade to upstream version 2.28.0
    • UI: Make the new experimental PromQL editor the default.
    • Linode SD: Add Linode service discovery. #8846
    • HTTP SD: Add generic HTTP-based service discovery. #8839
    • Kubernetes SD: Allow configuring API Server access via a kubeconfig file. #8811
    • UI: Add exemplar display support to the graphing interface.
    • Consul SD: Add namespace support for Consul Enterprise. #8900
    • Promtool: Allow silencing output when importing / backfilling data. #8917
    • Consul SD: Support reading tokens from file. #8926
    • Rules: Add a new .ExternalURL alert field templating variable, containing the external URL of the Prometheus server. #8878
    • Scrape: Add experimental body_size_limit scrape configuration setting to limit the allowed response body size for target scrapes. #8833 #8886
    • Kubernetes SD: Add ingress class name label for ingress discovery. #8916
    • UI: Show a startup screen with progress bar when the TSDB is not ready yet. #8662 #8908 #8909 #8946
    • SD: Add a target creation failure counter prometheus_target_sync_failed_total and improve target creation failure handling. #8786
    • TSDB: Improve validation of exemplar label set length. #8816
    • TSDB: Add a prometheus_tsdb_clean_start metric that indicates whether a TSDB lockfile from a previous run still existed upon startup. #8824
    • UI: In the experimental PromQL editor, fix autocompletion and parsing for special float values and improve series metadata fetching. #8856
    • TSDB: When merging chunks, split resulting chunks if they would contain more than the maximum of 120 samples. #8582
    • SD: Fix the computation of the prometheus_sd_discovered_targets metric when using multiple service discoveries. #8828
  • Added hardening to systemd service(s) (bsc#1181400). Modified:

grafana:

  • Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)
    • Security:
    • Fixes XSS vulnerability in handling data sources (bsc#1195726, CVE-2022-21702)
    • Fixes cross-origin request forgery vulnerability (bsc#1195727, CVE-2022-21703)
    • Fixes Insecure Direct Object Reference vulnerability in Teams API (bsc#1195728, CVE-2022-21713)
  • Update to Go 1.17.
  • Update license to GNU Affero General Public License v3.0.
  • Update to version 8.3.4
    • GetUserInfo: return an error if no user was found (bsc#1194873, CVE-2022-21673)
    • Features and enhancements:
    • Alerting: Allow configuration of non-ready alertmanagers.
    • Alerting: Allow customization of Google chat message.
    • AppPlugins: Support app plugins with only default nav.
    • InfluxDB: query editor: skip fields in metadata queries.
    • Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels query in grafana.
    • Prometheus: Forward oauth tokens after prometheus datasource migration.
    • Bug fixes:
    • Azure Monitor: Bug fix for variable interpolations in metrics dropdowns.
    • Azure Monitor: Improved error messages for variable queries.
    • CloudMonitoring: Fixes broken variable queries that use group bys.
    • Configuration: You can now see your expired API keys if you have no active ones.
    • Elasticsearch: Fix handling multiple datalinks for a single field.
    • Export: Fix error being thrown when exporting dashboards using query variables that reference the default datasource.
    • ImportDashboard: Fixes issue with importing dashboard and name ending up in uid.
    • Login: Page no longer overflows on mobile.
    • Plugins: Set backend metadata property for core plugins.
    • Prometheus: Fill missing steps with null values.
    • Prometheus: Fix interpolation of $__rate_interval variable.
    • Prometheus: Interpolate variables with curly brackets syntax.
    • Prometheus: Respect the http-method data source setting.
    • Table: Fixes issue with field config applied to wrong fields when hiding columns.
    • Toolkit: Fix bug with rootUrls not being properly parsed when signing a private plugin.
    • Variables: Fix so data source variables are added to adhoc configuration.
    • Plugin development fixes & changes:
    • Toolkit: Revert build config so tslib is bundled with plugins to prevent plugins from crashing.
  • Update to version 8.3.3:
    • BarChart: Use new data error view component to show actions in panel edit.
    • CloudMonitor: Iterate over pageToken for resources.
    • Macaron: Prevent WriteHeader invalid HTTP status code panic.
    • AnnoListPanel: Fix interpolation of variables in tags.
    • CloudWatch: Allow queries to have no dimensions specified.
    • CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5 to 8.3.0.
    • CloudWatch: Make sure MatchExact flag gets the right value.
    • Dashboards: Fix so that empty folders can be deleted from the manage dashboards/folders page.
    • InfluxDB: Improve handling of metadata query errors in InfluxQL.
    • Loki: Fix adding of ad hoc filters for queries with parser and line_format expressions.
    • Prometheus: Fix running of exemplar queries for non-histogram metrics.
    • Prometheus: Interpolate template variables in interval.
    • StateTimeline: Fix toolitp not showing when for frames with multiple fields.
    • TraceView: Fix virtualized scrolling when trace view is opened in right pane in Explore.
    • Variables: Fix repeating panels for on time range changed variables.
    • Variables: Fix so queryparam option works for scoped
  • Update to version 8.3.2
    • Security: Fixes CVE-2021-43813 and CVE-2021-43815.
  • Update to version 8.3.1
    • Security: Fixes CVE-2021-43798.
  • Update to version 8.3.0
    • Alerting: Prevent folders from being deleted when they contain alerts.
    • Alerting: Show full preview value in tooltip.
    • BarGauge: Limit title width when name is really long.
    • CloudMonitoring: Avoid to escape regexps in filters.
    • CloudWatch: Add support for AWS Metric Insights.
    • TooltipPlugin: Remove other panels' shared tooltip in edit panel.
    • Visualizations: Limit y label width to 40% of visualization width.
    • Alerting: Clear alerting rule evaluation errors after intermittent failures.
    • Alerting: Fix refresh on legacy Alert List panel.
    • Dashboard: Fix queries for panels with non-integer widths.
    • Explore: Fix url update inconsistency.
    • Prometheus: Fix range variables interpolation for time ranges smaller than 1 second.
    • ValueMappings: Fixes issue with regex value mapping that only sets color.
  • Update to version 8.3.0-beta2
    • Breaking changes:
    • Grafana 8 Alerting enabled by default for installations that do not use legacy alerting.
    • Keep Last State for 'If execution error or timeout' when upgrading to Grafana 8 alerting.
    • Alerting: Create DatasourceError alert if evaluation returns error.
    • Alerting: Make Unified Alerting enabled by default for those who do not use legacy alerting.
    • Alerting: Support mute timings configuration through the api for the embedded alert manager.
    • CloudWatch: Add missing AWS/Events metrics.
    • Docs: Add easier to find deprecation notices to certain data sources and to the changelog.
    • Plugins Catalog: Enable install controls based on the pluginAdminEnabled flag.
    • Table: Add space between values for the DefaultCell and JSONViewCell.
    • Tracing: Make query editors available in dashboard for Tempo and Zipkin.
    • AccessControl: Renamed orgs roles, removed fixed:orgs:reader introduced in beta1.
    • Azure Monitor: Add trap focus for modals in grafana/ui and other small a11y fixes for Azure Monitor.
    • CodeEditor: Prevent suggestions from being clipped.
    • Dashboard: Fix cache timeout persistence.
    • Datasource: Fix stable sort order of query responses.
    • Explore: Fix error in query history when removing last item.
    • Logs: Fix requesting of older logs when flipped order.
    • Prometheus: Fix running of health check query based on access mode.
    • TextPanel: Fix suggestions for existing panels.
    • Tracing: Fix incorrect indentations due to reoccurring spanIDs.
    • Tracing: Show start time of trace with milliseconds precision.
    • Variables: Make renamed or missing variable section expandable.
    • Select: Select menus now properly scroll during keyboard navigation.
  • Update to version 8.3.0-beta1
    • Alerting: Add UI for contact point testing with custom annotations and labels.
    • Alerting: Make alert state indicator in panel header work with Grafana 8 alerts.
    • Alerting: Option for Discord notifier to use webhook name.
    • Annotations: Deprecate AnnotationsSrv.
    • Auth: Omit all base64 paddings in JWT tokens for the JWT auth.
    • Azure Monitor: Clean up fields when editing Metrics.
    • AzureMonitor: Add new starter dashboards.
    • AzureMonitor: Add starter dashboard for app monitoring with Application Insights.
    • Barchart/Time series: Allow x axis label.
    • CLI: Improve error handling for installing plugins.
    • CloudMonitoring: Migrate to use backend plugin SDK contracts.
    • CloudWatch Logs: Add retry strategy for hitting max concurrent queries.
    • CloudWatch: Add AWS RoboMaker metrics and dimension.
    • CloudWatch: Add AWS Transfer metrics and dimension.
    • Dashboard: replace datasource name with a reference object.
    • Dashboards: Show logs on time series when hovering.
    • Elasticsearch: Add support for Elasticsearch 8.0 (Beta).
    • Elasticsearch: Add time zone setting to Date Histogram aggregation.
    • Elasticsearch: Enable full range log volume histogram.
    • Elasticsearch: Full range logs volume.
    • Explore: Allow changing the graph type.
    • Explore: Show ANSI colors when highlighting matched words in the logs panel.
    • Graph(old) panel: Listen to events from Time series panel.
    • Import: Load gcom dashboards from URL.
    • LibraryPanels: Improves export and import of library panels between orgs.
    • OAuth: Support PKCE.
    • Panel edit: Overrides now highlight correctly when searching.
    • PanelEdit: Display drag indicators on draggable sections.
    • Plugins: Refactor Plugin Management.
    • Prometheus: Add custom query parameters when creating PromLink url.
    • Prometheus: Remove limits on metrics, labels, and values in Metrics Browser.
    • StateTimeline: Share cursor with rest of the panels.
    • Tempo: Add error details when json upload fails.
    • Tempo: Add filtering for service graph query.
    • Tempo: Add links to nodes in Service Graph pointing to Prometheus metrics.
    • Time series/Bar chart panel: Add ability to sort series via legend.
    • TimeSeries: Allow multiple axes for the same unit.
    • TraceView: Allow span links defined on dataFrame.
    • Transformations: Support a rows mode in labels to fields.
    • ValueMappings: Don't apply field config defaults to time fields.
    • Variables: Only update panels that are impacted by variable change.
    • API: Fix dashboard quota limit for imports.
    • Alerting: Fix rule editor issues with Azure Monitor data source.
    • Azure monitor: Make sure alert rule editor is not enabled when template variables are being used.
    • CloudMonitoring: Fix annotation queries.
    • CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor.
    • Dashboard: Remove the current panel from the list of options in the Dashboard datasource.
    • Encryption: Fix decrypting secrets in alerting migration.
    • InfluxDB: Fix corner case where index is too large in ALIAS
    • NavBar: Order App plugins alphabetically.
    • NodeGraph: Fix zooming sensitivity on touchpads.
    • Plugins: Add OAuth pass-through logic to api/ds/query endpoint.
    • Snapshots: Fix panel inspector for snapshot data.
    • Tempo: Fix basic auth password reset on adding tag.
    • ValueMapping: Fixes issue with regex mappings.
    • grafana/ui: Enable slider marks display.
  • Update to version 8.2.7
  • Update to version 8.2.6
    • Security: Upgrade Docker base image to Alpine 3.14.3.
    • Security: Upgrade Go to 1.17.2.
    • TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated series.
  • Update to version 8.2.5
    • Fix No Data behaviour in Legacy Alerting.
    • Alerting: Fix a bug where the metric in the evaluation string was not correctly populated.
    • Alerting: Fix no data behaviour in Legacy Alerting for alert rules using the AND operator.
    • CloudMonitoring: Ignore min and max aggregation in MQL queries.
    • Dashboards: 'Copy' is no longer added to new dashboard titles.
    • DataProxy: Fix overriding response body when response is a WebSocket upgrade.
    • Elasticsearch: Use field configured in query editor as field for date_histogram aggregations.
    • Explore: Fix running queries without a datasource property set.
    • InfluxDB: Fix numeric aliases in queries.
    • Plugins: Ensure consistent plugin settings list response.
    • Tempo: Fix validation of float durations.
    • Tracing: Correct tags for each span are shown.
  • Update to version 8.2.4
    • Security: Fixes CVE-2021-41244.
  • Update to version 8.2.3
    • Security: Fixes CVE-2021-41174.
  • Update to version 8.2.2
    • Annotations: We have improved tag search performance.
    • Application: You can now configure an error-template title.
    • AzureMonitor: We removed a restriction from the resource filter query.
    • Packaging: We removed the ProcSubset option in systemd. This option prevented Grafana from starting in LXC environments.
    • Prometheus: We removed the autocomplete limit for metrics.
    • Table: We improved the styling of the type icons to make them more distinct from column / field name.
    • ValueMappings: You can now use value mapping in stat, gauge, bar gauge, and pie chart visualizations.
    • Alerting: Fix panic when Slack's API sends unexpected response.
    • Alerting: The Create Alert button now appears on the dashboard panel when you are working with a default datasource.
    • Explore: We fixed the problem where the Explore log panel disappears when an Elasticsearch logs query returns no results.
    • Graph: You can now see annotation descriptions on hover.
    • Logs: The system now uses the JSON parser only if the line is parsed to an object.
    • Prometheus: We fixed the issue where the system did not reuse TCP connections when querying from Grafana alerting.
    • Prometheus: We fixed the problem that resulted in an error when a user created a query with a $__interval min step.
    • RowsToFields: We fixed the issue where the system was not properly interpreting number values.
    • Scale: We fixed how the system handles NaN percent when data min = data max.
    • Table panel: You can now create a filter that includes special characters.
  • Update to version 8.2.1
    • Dashboard: Fix rendering of repeating panels.
    • Datasources: Fix deletion of data source if plugin is not found.
    • Packaging: Remove systemcallfilters sections from systemd unit files.
    • Prometheus: Add Headers to HTTP client options.
  • Update to version 8.2.0
    • AWS: Updated AWS authentication documentation.
    • Alerting: Added support Alertmanager data source for upstream Prometheus AM implementation.
    • Alerting: Allows more characters in label names so notifications are sent.
    • Alerting: Get alert rules for a dashboard or a panel using /api/v1/rules endpoints.
    • Annotations: Improved rendering performance of event markers.
    • CloudWatch Logs: Skip caching for log queries.
    • Explore: Added an opt-in configuration for Node Graph in Jaeger, Zipkin, and Tempo.
    • Packaging: Add stricter systemd unit options.
    • Prometheus: Metrics browser can now handle label values with
    • CodeEditor: Ensure that we trigger the latest onSave callback provided to the component.
    • DashboardList/AlertList: Fix for missing All folder value.
    • Plugins: Create a mock icon component to prevent console errors.
  • Update to version 8.2.0-beta2
    • AccessControl: Document new permissions restricting data source access.
    • TimePicker: Add fiscal years and search to time picker.
    • Alerting: Added support for Unified Alerting with Grafana HA.
    • Alerting: Added support for tune rule evaluation using configuration options.
    • Alerting: Cleanups alertmanager namespace from key-value store when disabling Grafana 8 alerts.
    • Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations.
    • CloudWatch: Introduced new math expression where it is necessary to specify the period field.
    • InfluxDB: Added support for $__interval and $__interval_ms in Flux queries for alerting.
    • InfluxDB: Flux queries can use more precise start and end timestamps with nanosecond-precision.
    • Plugins Catalog: Make the catalog the default way to interact with plugins.
    • Prometheus: Removed autocomplete limit for metrics.
    • Alerting: Fixed an issue where the edit page crashes if you tried to preview an alert without a condition set.
    • Alerting: Fixed rules migration to keep existing Grafana 8 alert rules.
    • Alerting: Fixed the silence file content generated during
    • Analytics: Fixed an issue related to interaction event propagation in Azure Application Insights.
    • BarGauge: Fixed an issue where the cell color was lit even though there was no data.
    • BarGauge: Improved handling of streaming data.
    • CloudMonitoring: Fixed INT64 label unmarshal error.
    • ConfirmModal: Fixes confirm button focus on modal open.
    • Dashboard: Add option to generate short URL for variables with values containing spaces.
    • Explore: No longer hides errors containing refId property.
    • Fixed an issue that produced State timeline panel tooltip error when data was not in sync.
    • InfluxDB: InfluxQL query editor is set to always use resultFormat.
    • Loki: Fixed creating context query for logs with parsed labels.
    • PageToolbar: Fixed alignment of titles.
    • Plugins Catalog: Update to the list of available panels after an install, update or uninstall.
    • TimeSeries: Fixed an issue where the shared cursor was not showing when hovering over in old Graph panel.
    • Variables: Fixed issues related to change of focus or refresh pages when pressing enter in a text box variable input.
    • Variables: Panel no longer crash when using the adhoc variable in data links.
  • Update to version 8.2.0-beta1
    • AccessControl: Introduce new permissions to restrict access for reloading provisioning configuration.
    • Alerting: Add UI to edit Cortex/Loki namespace, group names, and group evaluation interval.
    • Alerting: Add a Test button to test contact point.
    • Alerting: Allow creating/editing recording rules for Loki and Cortex.
    • Alerting: Metrics should have the label org instead of user.
    • Alerting: Sort notification channels by name to make them easier to locate.
    • Alerting: Support org level isolation of notification
    • AzureMonitor: Add data links to deep link to Azure Portal Azure Resource Graph.
    • AzureMonitor: Add support for annotations from Azure Monitor Metrics and Azure Resource Graph services.
    • AzureMonitor: Show error message when subscriptions request fails in ConfigEditor.
    • Chore: Update to Golang 1.16.7.
    • CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs.
    • CloudWatch Logs: Disable query path using websockets (Live) feature.
    • CloudWatch/Logs: Don't group dataframes for non time series
    • Cloudwatch: Migrate queries that use multiple stats to one query per stat.
    • Dashboard: Keep live timeseries moving left (v2).
    • Datasources: Introduce response_limit for datasource responses.
    • Explore: Add filter by trace or span ID to trace to logs
    • Explore: Download traces as JSON in Explore Inspector.
    • Explore: Reuse Dashboard's QueryRows component.
    • Explore: Support custom display label for derived fields buttons for Loki datasource.
    • Grafana UI: Update monaco-related dependencies.
    • Graphite: Deprecate browser access mode.
    • InfluxDB: Improve handling of intervals in alerting.
    • InfluxDB: InfluxQL query editor: Handle unusual characters in tag values better.
    • Jaeger: Add ability to upload JSON file for trace data.
    • LibraryElements: Enable specifying UID for new and existing library elements.
    • LibraryPanels: Remove library panel icon from the panel header so you can no longer tell that a panel is a library panel from the dashboard view.
    • Logs panel: Scroll to the bottom on page refresh when sorting in ascending order.
    • Loki: Add fuzzy search to label browser.
    • Navigation: Implement active state for items in the Sidemenu.
    • Packaging: Update PID file location from /var/run to /run.
    • Plugins: Add Hide OAuth Forward config option.
    • Postgres/MySQL/MSSQL: Add setting to limit the maximum number of rows processed.
    • Prometheus: Add browser access mode deprecation warning.
    • Prometheus: Add interpolation for built-in-time variables to backend.
    • Tempo: Add ability to upload trace data in JSON format.
    • TimeSeries/XYChart: Allow grid lines visibility control in XYChart and TimeSeries panels.
    • Transformations: Convert field types to time string number or boolean.
    • Value mappings: Add regular-expression based value mapping.
    • Zipkin: Add ability to upload trace JSON.
    • Admin: Prevent user from deleting user's current/active organization.
    • LibraryPanels: Fix library panel getting saved in the dashboard's folder.
    • OAuth: Make generic teams URL and JMES path configurable.
    • QueryEditor: Fix broken copy-paste for mouse middle-click
    • Thresholds: Fix undefined color in 'Add threshold'.
    • Timeseries: Add wide-to-long, and fix multi-frame output.
    • TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set to All.
    • Grafana UI: Fix TS error property css is missing in type.
  • Update to version 8.1.8
  • Update to version 8.1.7
    • Alerting: Fix alerts with evaluation interval more than 30 seconds resolving before notification.
    • Elasticsearch/Prometheus: Fix usage of proper SigV4 service namespace.
  • Update to version 8.1.6
    • Security: Fixes CVE-2021-39226.
  • Update to version 8.1.5
    • BarChart: Fixes panel error that happens on second refresh.
  • Update to version 8.1.4
    • Features and enhancements
    • Explore: Ensure logs volume bar colors match legend colors.
    • LDAP: Search all DNs for users.
    • Alerting: Fix notification channel migration.
    • Annotations: Fix blank panels for queries with unknown data sources.
    • BarChart: Fix stale values and x axis labels.
    • Graph: Make old graph panel thresholds work even if ngalert is enabled.
    • InfluxDB: Fix regex to identify / as separator.
    • LibraryPanels: Fix update issues related to library panels in rows.
    • Variables: Fix variables not updating inside a Panel when the preceding Row uses 'Repeat For'.
  • Update to version 8.1.3
    • Bug fixes
    • Alerting: Fix alert flapping in the internal alertmanager.
    • Alerting: Fix request handler failed to convert dataframe 'results' to plugins.DataTimeSeriesSlice: input frame is not recognized as a time series.
    • Dashboard: Fix UIDs are not preserved when importing/creating dashboards thru importing .json file.
    • Dashboard: Forces panel re-render when exiting panel edit.
    • Dashboard: Prevent folder from changing when navigating to general settings.
    • Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix CVE-2021-3711.
    • Elasticsearch: Fix metric names for alert queries.
    • Elasticsearch: Limit Histogram field parameter to numeric values.
    • Elasticsearch: Prevent pipeline aggregations to show up in terms order by options.
    • LibraryPanels: Prevent duplicate repeated panels from being created.
    • Loki: Fix ad-hoc filter in dashboard when used with parser.
    • Plugins: Track signed files + add warn log for plugin assets which are not signed.
    • Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly.
    • Prometheus: Fix validate selector in metrics browser.
    • Security: Fix stylesheet injection vulnerability.
    • Security: Fix short URL vulnerability.
  • Update to version 8.1.2
    • AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers.
    • Datasource: Change HTTP status code for failed datasource health check to 400.
    • Explore: Add span duration to left panel in trace viewer.
    • Plugins: Use file extension allowlist when serving plugin assets instead of checking for UNIX executable.
    • Profiling: Add support for binding pprof server to custom network interfaces.
    • Search: Make search icon keyboard navigable.
    • Template variables: Keyboard navigation improvements.
    • Tooltip: Display ms within minute time range.
    • Alerting: Fix saving LINE contact point.
    • Annotations: Fix alerting annotation coloring.
    • Annotations: Alert annotations are now visible in the correct Panel.
    • Auth: Hide SigV4 config UI and disable middleware when its config flag is disabled.
    • Dashboard: Prevent incorrect panel layout by comparing window width against theme breakpoints.
    • Explore: Fix showing of full log context.
    • PanelEdit: Fix 'Actual' size by passing the correct panel size to Dashboard.
    • Plugins: Fix TLS datasource settings.
    • Variables: Fix issue with empty drop downs on navigation.
    • Variables: Fix URL util converting false into true.
    • Toolkit: Fix matchMedia not found error.
  • Update to version 8.1.1
    • CloudWatch Logs: Fix crash when no region is selected.
  • Update to version 8.1.0
    • Alerting: Deduplicate receivers during migration.
    • ColorPicker: Display colors as RGBA.
    • Select: Make portalling the menu opt-in, but opt-in everywhere.
    • TimeRangePicker: Improve accessibility.
    • Annotations: Correct annotations that are displayed upon page refresh.
    • Annotations: Fix Enabled button that disappeared from Grafana v8.0.6.
    • Annotations: Fix data source template variable that was not available for annotations.
    • AzureMonitor: Fix annotations query editor that does not load.
    • Geomap: Fix scale calculations.
    • GraphNG: Fix y-axis autosizing.
    • Live: Display stream rate and fix duplicate channels in list
    • Loki: Update labels in log browser when time range changes in dashboard.
    • NGAlert: Send resolve signal to alertmanager on alerting -> Normal.
    • PasswordField: Prevent a password from being displayed when you click the Enter button.
    • Renderer: Remove debug.log file when Grafana is stopped.
    • Security: Update dependencies to fix CVE-2021-36222.
  • Update to version 8.1.0-beta3
    • Alerting: Support label matcher syntax in alert rule list filter.
    • IconButton: Put tooltip text as aria-label.
    • Live: Experimental HA with Redis.
    • UI: FileDropzone component.
    • CloudWatch: Add AWS LookoutMetrics.
    • Docker: Fix builds by delaying go mod verify until all required files are copied over.
    • Exemplars: Fix disable exemplars only on the query that failed.
    • SQL: Fix SQL dataframe resampling (fill mode + time intervals).
  • Update to version 8.1.0-beta2
    • Alerting: Expand the value string in alert annotations and
    • Auth: Add Azure HTTP authentication middleware.
    • Auth: Auth: Pass user role when using the authentication proxy.
    • Gazetteer: Update countries.json file to allow for linking to 3-letter country codes.
    • Config: Fix Docker builds by correcting formatting in sample.ini.
    • Explore: Fix encoding of internal URLs.
  • Update to version 8.1.0-beta1
    • Alerting: Add Alertmanager notifications tab.
    • Alerting: Add button to deactivate current Alertmanager
    • Alerting: Add toggle in Loki/Prometheus data source configuration to opt out of alerting UI.
    • Alerting: Allow any 'evaluate for' value >=0 in the alert rule form.
    • Alerting: Load default configuration from status endpoint, if Cortex Alertmanager returns empty user configuration.
    • Alerting: view to display alert rule and its underlying data.
    • Annotation panel: Release the annotation panel.
    • Annotations: Add typeahead support for tags in built-in annotations.
    • AzureMonitor: Add curated dashboards for Azure services.
    • AzureMonitor: Add support for deep links to Microsoft Azure portal for Metrics.
    • AzureMonitor: Remove support for different credentials for Azure Monitor Logs.
    • AzureMonitor: Support querying any Resource for Logs queries.
    • Elasticsearch: Add frozen indices search support.
    • Elasticsearch: Name fields after template variables values instead of their name.
    • Elasticsearch: add rate aggregation.
    • Email: Allow configuration of content types for email notifications.
    • Explore: Add more meta information when line limit is hit.
    • Explore: UI improvements to trace view.
    • FieldOverrides: Added support to change display name in an override field and have it be matched by a later rule.
    • HTTP Client: Introduce dataproxy_max_idle_connections config variable.
    • InfluxDB: InfluxQL: adds tags to timeseries data.
    • InfluxDB: InfluxQL: make measurement search case insensitive. Legacy Alerting: Replace simplejson with a struct in webhook notification channel.
    • Legend: Updates display name for Last (not null) to just Last*.
    • Logs panel: Add option to show common labels.
    • Loki: Add $__range variable.
    • Loki: Add support for 'label_values(log stream selector, label)' in templating.
    • Loki: Add support for ad-hoc filtering in dashboard.
    • MySQL Datasource: Add timezone parameter.
    • NodeGraph: Show gradient fields in legend.
    • PanelOptions: Don't mutate panel options/field config object when updating.
    • PieChart: Make pie gradient more subtle to match other charts.
    • Prometheus: Update PromQL typeahead and highlighting.
    • Prometheus: interpolate variable for step field.
    • Provisioning: Improve validation by validating across all dashboard providers.
    • SQL Datasources: Allow multiple string/labels columns with time series.
    • Select: Portal select menu to document.body.
    • Team Sync: Add group mapping to support team sync in the Generic OAuth provider.
    • Tooltip: Make active series more noticeable.
    • Tracing: Add support to configure trace to logs start and end time.
    • Transformations: Skip merge when there is only a single data frame.
    • ValueMapping: Added support for mapping text to color, boolean values, NaN and Null. Improved UI for value mapping.
    • Visualizations: Dynamically set any config (min, max, unit, color, thresholds) from query results.
    • live: Add support to handle origin without a value for the port when matching with root_url.
    • Alerting: Handle marshaling Inf values.
    • AzureMonitor: Fix macro resolution for template variables.
    • AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes resources.
    • AzureMonitor: Request and concat subsequent resource pages.
    • Bug: Fix parse duration for day.
    • Datasources: Improve error handling for error messages.
    • Explore: Correct the functionality of shift-enter shortcut across all uses.
    • Explore: Show all dataFrames in data tab in Inspector.
    • GraphNG: Fix Tooltip mode 'All' for XYChart.
    • Loki: Fix highlight of logs when using filter expressions with backticks.
    • Modal: Force modal content to overflow with scroll.
    • Plugins: Ignore symlinked folders when verifying plugin signature.
    • Toolkit: Improve error messages when tasks fail.
  • Update to version 8.0.7
  • Update to version 8.0.6
    • Alerting: Add annotation upon alert state change.
    • Alerting: Allow space in label and annotation names.
    • InfluxDB: Improve legend labels for InfluxDB query results.
    • Alerting: Fix improper alert by changing the handling of empty labels.
    • CloudWatch/Logs: Reestablish Cloud Watch alert behavior.
    • Dashboard: Avoid migration breaking on fieldConfig without defaults field in folded panel.
    • DashboardList: Fix issue not re-fetching dashboard list after variable change.
    • Database: Fix incorrect format of isolation level configuration parameter for MySQL.
    • InfluxDB: Correct tag filtering on InfluxDB data.
    • Links: Fix links that caused a full page reload.
    • Live: Fix HTTP error when InfluxDB metrics have an incomplete or asymmetrical field set.
    • Postgres/MySQL/MSSQL: Change time field to 'Time' for time series queries.
    • Postgres: Fix the handling of a null return value in query
    • Tempo: Show hex strings instead of uints for IDs.
    • TimeSeries: Improve tooltip positioning when tooltip overflows.
    • Transformations: Add 'prepare time series' transformer.
  • Update to version 8.0.5
    • Cloudwatch Logs: Send error down to client.
    • Folders: Return 409 Conflict status when folder already exists.
    • TimeSeries: Do not show series in tooltip if it's hidden in the viz.
    • AzureMonitor: Fix issue where resource group name is missing on the resource picker button.
    • Chore: Fix AWS auth assuming role with workspace IAM.
    • DashboardQueryRunner: Fixes unrestrained subscriptions being
    • DateFormats: Fix reading correct setting key for use_browser_locale.
    • Links: Fix links to other apps outside Grafana when under sub path.
    • Snapshots: Fix snapshot absolute time range issue.
    • Table: Fix data link color.
    • Time Series: Fix X-axis time format when tick increment is larger than a year.
    • Tooltip Plugin: Prevent tooltip render if field is undefined.
  • Update to version 8.0.4
    • Live: Rely on app url for origin check.
    • PieChart: Sort legend descending, update placeholder.
    • TimeSeries panel: Do not reinitialize plot when thresholds mode change.
    • Elasticsearch: Allow case sensitive custom options in date_histogram interval.
    • Elasticsearch: Restore previous field naming strategy when using variables.
    • Explore: Fix import of queries between SQL data sources.
    • InfluxDB: InfluxQL query editor: fix retention policy handling.
    • Loki: Send correct time range in template variable queries.
    • TimeSeries: Preserve RegExp series overrides when migrating from old graph panel.
  • Update to version 8.0.3
    • Alerting: Increase alertmanager_conf column if MySQL.
    • Time series/Bar chart panel: Handle infinite numbers as nulls when converting to plot array.
    • TimeSeries: Ensure series overrides that contain color are migrated, and migrate the previous fieldConfig when changing the panel type.
    • ValueMappings: Improve singlestat value mappings migration.
    • Annotations: Fix annotation line and marker colors.
    • AzureMonitor: Fix KQL template variable queries without default workspace.
    • CloudWatch/Logs: Fix missing response data for log queries.
    • LibraryPanels: Fix crash in library panels list when panel plugin is not found.
    • LogsPanel: Fix performance drop when moving logs panel in
    • Loki: Parse log levels when ANSI coloring is enabled.
    • MSSQL: Fix issue with hidden queries still being executed.
    • PanelEdit: Display the VisualizationPicker that was not displayed if a panel has an unknown panel plugin.
    • Plugins: Fix loading symbolically linked plugins.
    • Prometheus: Fix issue where legend name was replaced with name Value in stat and gauge panels.
    • State Timeline: Fix crash when hovering over panel.
  • Update to version 8.0.2
    • Datasource: Add support for max_conns_per_host in dataproxy settings.
    • Configuration: Fix changing org preferences in FireFox.
    • PieChart: Fix legend dimension limits.
    • Postgres/MySQL/MSSQL: Fix panic in concurrent map writes.
    • Variables: Hide default data source if missing from regex.
  • Update to version 8.0.1
    • Alerting/SSE: Fix 'count_non_null' reducer validation.
    • Cloudwatch: Fix duplicated time series.
    • Cloudwatch: Fix missing defaultRegion.
    • Dashboard: Fix Dashboard init failed error on dashboards with old singlestat panels in collapsed rows.
    • Datasource: Fix storing timeout option as numeric.
    • Postgres/MySQL/MSSQL: Fix annotation parsing for empty
    • Postgres/MySQL/MSSQL: Numeric/non-string values are now returned from query variables.
    • Postgres: Fix an error that was thrown when the annotation query did not return any results.
    • StatPanel: Fix an issue with the appearance of the graph when switching color mode.
    • Visualizations: Fix an issue in the Stat/BarGauge/Gauge/PieChart panels where all values mode were showing the same name if they had the same value.
    • Toolkit: Resolve external fonts when Grafana is served from a sub path.
  • Update to version 8.0.0
    • The following endpoints were deprecated for Grafana v5.0 and support for them has now been removed: GET /dashboards/db/:slug GET /dashboard-solo/db/:slug GET /api/dashboard/db/:slug DELETE /api/dashboards/db/:slug
    • AzureMonitor: Require default subscription for workspaces() template variable query.
    • AzureMonitor: Use resource type display names in the UI.
    • Dashboard: Remove support for loading and deleting dashboard by slug.
    • InfluxDB: Deprecate direct browser access in data source.
    • VizLegend: Add a read-only property.
    • AzureMonitor: Fix Azure Resource Graph queries in Azure China.
    • Checkbox: Fix vertical layout issue with checkboxes due to fixed height.
    • Dashboard: Fix Table view when editing causes the panel data to not update.
    • Dashboard: Fix issues where unsaved-changes warning is not displayed.
    • Login: Fixes Unauthorized message showing when on login page or snapshot page.
    • NodeGraph: Fix sorting markers in grid view.
    • Short URL: Include orgId in generated short URLs.
    • Variables: Support raw values of boolean type.
  • Update to version 8.0.0-beta3
    • The default HTTP method for Prometheus data source is now POST.
    • API: Support folder UID in dashboards API.
    • Alerting: Add support for configuring avatar URL for the Discord notifier.
    • Alerting: Clarify that Threema Gateway Alerts support only Basic IDs.
    • Azure: Expose Azure settings to external plugins.
    • AzureMonitor: Deprecate using separate credentials for Azure Monitor Logs.
    • AzureMonitor: Display variables in resource picker for Azure
    • AzureMonitor: Hide application insights for data sources not using it.
    • AzureMonitor: Support querying subscriptions and resource groups in Azure Monitor Logs.
    • AzureMonitor: remove requirement for default subscription.
    • CloudWatch: Add Lambda@Edge Amazon CloudFront metrics.
    • CloudWatch: Add missing AWS AppSync metrics.
    • ConfirmModal: Auto focus delete button.
    • Explore: Add caching for queries that are run from logs
    • Loki: Add formatting for annotations.
    • Loki: Bring back processed bytes as meta information.
    • NodeGraph: Display node graph collapsed by default with trace view.
    • Overrides: Include a manual override option to hide something from visualization.
    • PieChart: Support row data in pie charts.
    • Prometheus: Update default HTTP method to POST for existing data sources.
    • Time series panel: Position tooltip correctly when window is scrolled or resized.
    • Admin: Fix infinite loading edit on the profile page.
    • Color: Fix issues with random colors in string and date
    • Dashboard: Fix issue with title or folder change has no effect after exiting settings view.
    • DataLinks: Fix an issue __series.name is not working in data link.
    • Datasource: Fix dataproxy timeout should always be applied for outgoing data source HTTP requests.
    • Elasticsearch: Fix NewClient not passing httpClientProvider to client impl.
    • Explore: Fix Browser title not updated on Navigation to Explore.
    • GraphNG: Remove fieldName and hideInLegend properties from UPlotSeriesBuilder.
    • OAuth: Fix fallback to auto_assign_org_role setting for Azure AD OAuth when no role claims exists.
    • PanelChrome: Fix issue with empty panel after adding a non data panel and coming back from panel edit.
    • StatPanel: Fix data link tooltip not showing for single value.
    • Table: Fix sorting for number fields.
    • Table: Have text underline for datalink, and add support for image datalink.
    • Transformations: Prevent FilterByValue transform from crashing panel edit.
  • Update to version 8.0.0-beta2
    • AppPlugins: Expose react-router to apps.
    • AzureMonitor: Add Azure Resource Graph.
    • AzureMonitor: Managed Identity configuration UI.
    • AzureMonitor: Token provider with support for Managed Identities.
    • AzureMonitor: Update Logs workspace() template variable query to return resource URIs.
    • BarChart: Value label sizing.
    • CloudMonitoring: Add support for preprocessing.
    • CloudWatch: Add AWS/EFS StorageBytes metric.
    • CloudWatch: Allow use of missing AWS namespaces using custom
    • Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy.
    • InfluxDB: InfluxQL: allow empty tag values in the query editor.
    • Instrumentation: Instrument incoming HTTP request with histograms by default.
    • Library Panels: Add name endpoint & unique name validation to AddLibraryPanelModal.
    • Logs panel: Support details view.
    • PieChart: Always show the calculation options dropdown in the
    • PieChart: Remove beta flag.
    • Plugins: Enforce signing for all plugins.
    • Plugins: Remove support for deprecated backend plugin protocol version.
    • Tempo/Jaeger: Add better display name to legend.
    • Timeline: Add time range zoom.
    • Timeline: Adds opacity & line width option.
    • Timeline: Value text alignment option.
    • ValueMappings: Add duplicate action, and disable dismiss on backdrop click.
    • Zipkin: Add node graph view to trace response.
    • Annotations panel: Remove subpath from dashboard links.
    • Content Security Policy: Allow all image sources by default.
    • Content Security Policy: Relax default template wrt. loading of scripts, due to nonces not working.
    • Datasource: Fix tracing propagation for alert execution by introducing HTTP client outgoing tracing middleware.
    • InfluxDB: InfluxQL always apply time interval end.
    • Library Panels: Fixes 'error while loading library panels'.
    • NewsPanel: Fixes rendering issue in Safari.
    • PanelChrome: Fix queries being issued again when scrolling in and out of view.
    • Plugins: Fix Azure token provider cache panic and auth param nil value.
    • Snapshots: Fix key and deleteKey being ignored when creating an external snapshot.
    • Table: Fix issue with cell border not showing with colored background cells.
    • Table: Makes tooltip scrollable for long JSON values.
    • TimeSeries: Fix for Connected null values threshold toggle during panel editing.
    • Variables: Fixes inconsistent selected states on dashboard
    • Variables: Refreshes all panels even if panel is full screen.
    • QueryField: Remove carriage return character from pasted text.
  • Update to version 8.0.0-beta1
    • License update:
    • AGPL License: Update license from Apache 2.0 to the GNU Affero General Public License (AGPL).
    • Removes the never refresh option for Query variables.
    • Removes the experimental Tags feature for Variables.
    • Deprecations:
    • The InfoBox & FeatureInfoBox are now deprecated please use the Alert component instead with severity info.
    • API: Add org users with pagination.
    • API: Return 404 when deleting nonexistent API key.
    • API: Return query results as JSON rather than base64 encoded Arrow.
    • Alerting: Allow sending notification tags to Opsgenie as extra properties.
    • Alerts: Replaces all uses of InfoBox & FeatureInfoBox with Alert.
    • Auth: Add support for JWT Authentication.
    • AzureMonitor: Add support for Microsoft.SignalRService/SignalR metrics.
    • AzureMonitor: Azure settings in Grafana server config.
    • AzureMonitor: Migrate Metrics query editor to React.
    • BarChart panel: enable series toggling via legend.
    • BarChart panel: Adds support for Tooltip in BarChartPanel.
    • PieChart panel: Change look of highlighted pie slices.
    • CloudMonitoring: Migrate config editor from angular to react.
    • CloudWatch: Add Amplify Console metrics and dimensions.
    • CloudWatch: Add missing Redshift metrics to CloudWatch data
    • CloudWatch: Add metrics for managed RabbitMQ service.
    • DashboardList: Enable templating on search tag input.
    • Datasource config: correctly remove single custom http header.
    • Elasticsearch: Add generic support for template variables.
    • Elasticsearch: Allow omitting field when metric supports inline script.
    • Elasticsearch: Allow setting a custom limit for log queries.
    • Elasticsearch: Guess field type from first non-empty value.
    • Elasticsearch: Use application/x-ndjson content type for multisearch requests.
    • Elasticsearch: Use semver strings to identify ES version.
    • Explore: Add logs navigation to request more logs.
    • Explore: Map Graphite queries to Loki.
    • Explore: Scroll split panes in Explore independently.
    • Explore: Wrap each panel in separate error boundary.
    • FieldDisplay: Smarter naming of stat values when visualising row values (all values) in stat panels.
    • Graphite: Expand metric names for variables.
    • Graphite: Handle unknown Graphite functions without breaking the visual editor.
    • Graphite: Show graphite functions descriptions.
    • Graphite: Support request cancellation properly (Uses new backendSrv.fetch Observable request API).
    • InfluxDB: Flux: Improve handling of complex response-structures.
    • InfluxDB: Support region annotations.
    • Inspector: Download logs for manual processing.
    • Jaeger: Add node graph view for trace.
    • Jaeger: Search traces.
    • Loki: Use data source settings for alerting queries.
    • NodeGraph: Exploration mode.
    • OAuth: Add support for empty scopes.
    • PanelChrome: New logic-less emotion based component with no dependency on PanelModel or DashboardModel.
    • PanelEdit: Adds a table view toggle to quickly view data in table form.
    • PanelEdit: Highlight matched words when searching options.
    • PanelEdit: UX improvements.
    • Plugins: PanelRenderer and simplified QueryRunner to be used from plugins.
    • Plugins: AuthType in route configuration and params interpolation.
    • Plugins: Enable plugin runtime install/uninstall capabilities.
    • Plugins: Support set body content in plugin routes.
    • Plugins: Introduce marketplace app.
    • Plugins: Moving the DataSourcePicker to grafana/runtime so it can be reused in plugins.
    • Prometheus: Add custom query params for alert and exemplars
    • Prometheus: Use fuzzy string matching to autocomplete metric names and label.
    • Routing: Replace Angular routing with react-router.
    • Slack: Use chat.postMessage API by default.
    • Tempo: Search for Traces by querying Loki directly from Tempo.
    • Tempo: Show graph view of the trace.
    • Themes: Switch theme without reload using global shortcut.
    • TimeSeries panel: Add support for shared cursor.
    • TimeSeries panel: Do not crash the panel if there is no time series data in the response.
    • Variables: Do not save repeated panels, rows and scopedVars.
    • Variables: Removes experimental Tags feature.
    • Variables: Removes the never refresh option.
    • Visualizations: Unify tooltip options across visualizations.
    • Visualizations: Refactor and unify option creation between new visualizations.
    • Visualizations: Remove singlestat panel.
    • APIKeys: Fixes issue with adding first api key.
    • Alerting: Add checks for non supported units - disable defaulting to seconds.
    • Alerting: Fix issue where Slack notifications won't link to user IDs.
    • Alerting: Omit empty message in PagerDuty notifier.
    • AzureMonitor: Fix migration error from older versions of App Insights queries.
    • CloudWatch: Fix AWS/Connect dimensions.
    • CloudWatch: Fix broken AWS/MediaTailor dimension name.
    • Dashboards: Allow string manipulation as advanced variable format option.
    • DataLinks: Includes harmless extended characters like Cyrillic characters.
    • Drawer: Fixes title overflowing its container.
    • Explore: Fix issue when some query errors were not shown.
    • Generic OAuth: Prevent adding duplicated users.
    • Graphite: Handle invalid annotations.
    • Graphite: Fix autocomplete when tags are not available.
    • InfluxDB: Fix Cannot read property 'length' of undefined in when parsing response.
    • Instrumentation: Enable tracing when Jaeger host and port are
    • Instrumentation: Prefix metrics with grafana.
    • MSSQL: By default let driver choose port.
    • OAuth: Add optional strict parsing of role_attribute_path.
    • Panel: Fixes description markdown with inline code being rendered on newlines and full width.
    • PanelChrome: Ignore data updates & errors for non data panels.
    • Permissions: Fix inherited folder permissions can prevent new permissions being added to a dashboard.
    • Plugins: Remove pre-existing plugin installs when installing with grafana-cli.
    • Plugins: Support installing to folders with whitespace and fix pluginUrl trailing and leading whitespace failures.
    • Postgres/MySQL/MSSQL: Don't return connection failure details to the client.
    • Postgres: Fix ms precision of interval in time group macro when TimescaleDB is enabled.
    • Provisioning: Use dashboard checksum field as change indicator.
    • SQL: Fix so that all captured errors are returned from sql engine.
    • Shortcuts: Fixes panel shortcuts so they always work.
    • Table: Fixes so border is visible for cells with links.
    • Variables: Clear query when data source type changes.
    • Variables: Filters out builtin variables from unknown list.
    • Button: Introduce buttonStyle prop.
    • DataQueryRequest: Remove deprecated props showingGraph and showingTabel and exploreMode.
    • grafana/ui: Update React Hook Form to v7.
    • IconButton: Introduce variant for red and blue icon buttons.
    • Plugins: Expose the getTimeZone function to be able to get the current selected timeZone.
    • TagsInput: Add className to TagsInput.
    • VizLegend: Move onSeriesColorChanged to PanelContext (breaking change).
  • Update to version 7.5.13
    • Alerting: Fix NoDataFound for alert rules using AND operator.

salt:

  • Update generated documentation to 3004
  • Expose missing 'ansible' module functions in Salt 3004 (bsc#1195625)
  • Fix salt-call event.send with pillar or grains
  • Fix exception in batch_async caused by a bad function call
  • Fix inspector module export function (bsc#1097531)
  • Wipe NOTIFY_SOCKET from env in cmdmod (bsc#1193357)
  • Update to version 3004, see release notes: https://docs.saltproject.io/en/master/topics/releases/3004.html

spacecmd:

  • Version 4.3.7-1
    • Include group formulas configuration in spacecmd group_backup and spacecmd group_restore. This changes backup format to json, previously used plain text is still supported for reading (bsc#1190462)
    • Fix interactive mode for 'system_applyerrata' and 'errata_apply' (bsc#1194363)
  • Version 4.3.6-1
    • Update translation strings

spacewalk-client-tools:

  • Version 4.3.6-1
    • Update translation strings
ID
SUSE-SU-2022:0751-1
Severity
moderate
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20220751-1/
Published
2022-03-08T11:26:12
(2 years ago)
Modified
2022-03-08T11:26:12
(2 years ago)
Rights
Copyright 2023 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse URL for SUSE-SU-2022:0751-1 https://www.suse.com/support/update/announcement/2022/suse-su-20220751-1/
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0751-1.json
Suse E-Mail link for SUSE-SU-2022:0751-1 https://lists.suse.com/pipermail/sle-security-updates/2022-March/010387.html
Bugzilla SUSE Bug 1097531 https://bugzilla.suse.com/1097531
Bugzilla SUSE Bug 1181400 https://bugzilla.suse.com/1181400
Bugzilla SUSE Bug 1190462 https://bugzilla.suse.com/1190462
Bugzilla SUSE Bug 1193357 https://bugzilla.suse.com/1193357
Bugzilla SUSE Bug 1194363 https://bugzilla.suse.com/1194363
Bugzilla SUSE Bug 1194873 https://bugzilla.suse.com/1194873
Bugzilla SUSE Bug 1195625 https://bugzilla.suse.com/1195625
Bugzilla SUSE Bug 1195726 https://bugzilla.suse.com/1195726
Bugzilla SUSE Bug 1195727 https://bugzilla.suse.com/1195727
Bugzilla SUSE Bug 1195728 https://bugzilla.suse.com/1195728
CVE SUSE CVE CVE-2021-36222 page https://www.suse.com/security/cve/CVE-2021-36222/
CVE SUSE CVE CVE-2021-3711 page https://www.suse.com/security/cve/CVE-2021-3711/
CVE SUSE CVE CVE-2021-39226 page https://www.suse.com/security/cve/CVE-2021-39226/
CVE SUSE CVE CVE-2021-41174 page https://www.suse.com/security/cve/CVE-2021-41174/
CVE SUSE CVE CVE-2021-41244 page https://www.suse.com/security/cve/CVE-2021-41244/
CVE SUSE CVE CVE-2021-43798 page https://www.suse.com/security/cve/CVE-2021-43798/
CVE SUSE CVE CVE-2021-43813 page https://www.suse.com/security/cve/CVE-2021-43813/
CVE SUSE CVE CVE-2021-43815 page https://www.suse.com/security/cve/CVE-2021-43815/
CVE SUSE CVE CVE-2022-21673 page https://www.suse.com/security/cve/CVE-2022-21673/
CVE SUSE CVE CVE-2022-21702 page https://www.suse.com/security/cve/CVE-2022-21702/
CVE SUSE CVE CVE-2022-21703 page https://www.suse.com/security/cve/CVE-2022-21703/
CVE SUSE CVE CVE-2022-21713 page https://www.suse.com/security/cve/CVE-2022-21713/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date