SUSE-SU-2020:3309-1: important: Security update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron, openstack-nova, python-Django, python-Flask-Cors, python-Pillow, python-ardana-packager, python-keystoneclient, python-keystonemiddleware, python-kombu, python-straight-plugin, python-urllib3, release-notes-suse-openstack-cloud, storm, storm-kit, venv-openstack-cinder, venv-openstack-swift

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Nov 12 10:19:20 MST 2020


   SUSE Security Update: Security update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron, openstack-nova, python-Django, python-Flask-Cors, python-Pillow, python-ardana-packager, python-keystoneclient, python-keystonemiddleware, python-kombu, python-straight-plugin, python-urllib3, release-notes-suse-openstack-cloud, storm, storm-kit, venv-openstack-cinder, venv-openstack-swift
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3309-1
Rating:             important
References:         #1008037 #1008038 #1010940 #1019021 #1038785 
                    #1056094 #1059235 #1080682 #1097775 #1102126 
                    #1109957 #1112959 #1117080 #1118896 #1123561 
                    #1126503 #1137479 #1137528 #1142121 #1142542 
                    #1144453 #1153452 #1154231 #1154232 #1154830 
                    #1157968 #1157969 #1159447 #1161919 #1164133 
                    #1164134 #1164135 #1164136 #1164137 #1164138 
                    #1164139 #1164140 #1165022 #1165393 #1166389 
                    #1167440 #1167532 #1171162 #1171823 #1172450 
                    #1173413 #1173416 #1173418 #1174006 #1174145 
                    #1174242 #1174302 #1174583 #1175484 #1175986 
                    #1175993 #1177120 #1177948 SOC-10300 SOC-10522 
                    SOC-10616 SOC-11000 SOC-11223 SOC-11342 SOC-11352 
                    SOC-11364 SOC-11386 SOC-11389 SOC-11391 SOC-6780 
                    SOC-9974 SOC-9998 
Cross-References:   CVE-2016-8614 CVE-2016-8628 CVE-2016-8647
                    CVE-2016-9587 CVE-2017-7466 CVE-2017-7550
                    CVE-2018-10875 CVE-2018-11779 CVE-2018-16837
                    CVE-2018-16859 CVE-2018-16876 CVE-2018-18623
                    CVE-2018-18624 CVE-2018-18625 CVE-2019-0202
                    CVE-2019-10156 CVE-2019-10206 CVE-2019-10217
                    CVE-2019-14846 CVE-2019-14856 CVE-2019-14858
                    CVE-2019-14864 CVE-2019-14904 CVE-2019-14905
                    CVE-2019-19844 CVE-2019-3828 CVE-2020-10177
                    CVE-2020-10378 CVE-2020-10684 CVE-2020-10685
                    CVE-2020-10691 CVE-2020-10729 CVE-2020-10744
                    CVE-2020-10994 CVE-2020-11110 CVE-2020-14330
                    CVE-2020-14332 CVE-2020-14365 CVE-2020-1733
                    CVE-2020-1734 CVE-2020-1735 CVE-2020-1736
                    CVE-2020-1737 CVE-2020-17376 CVE-2020-1738
                    CVE-2020-1739 CVE-2020-1740 CVE-2020-1746
                    CVE-2020-1753 CVE-2020-25032 CVE-2020-26137
                    CVE-2020-7471 CVE-2020-9402
Affected Products:
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud 8
                    HPE Helion Openstack 8
______________________________________________________________________________

   An update that solves 53 vulnerabilities, contains 14
   features and has 5 fixes is now available.

Description:

   This update for ansible, ardana-ansible, ardana-cinder, ardana-glance,
   ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack,
   documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel,
   openstack-cinder, openstack-monasca-installer, openstack-neutron,
   openstack-nova, python-Django, python-Flask-Cors, python-Pillow,
   python-ardana-packager, python-keystoneclient, python-keystonemiddleware,
   python-kombu, python-straight-plugin, python-urllib3,
   release-notes-suse-openstack-cloud, storm, storm-kit,
   venv-openstack-cinder, venv-openstack-swift contains the following fixes:

   Security fixes included in this update: ansible to 2.9.14:
   - CVE-2020-1733: Fixed insecure temporary directory when running
     become_user (bsc#1164140).
    - CVE-2020-1753: Kubectl connection plugin - connection plugin now redact
      kubectl_token and kubectl_password in console log. (bsc#1166389)
    - CVE-2020-14365: Previously, regardless of the disable_gpg_check
   option, packages were not GPG validated. They are now. (bsc#1175993)
    - CVE-2020-14332: copy - Redact the value of the no_log 'content'
      parameter in the result's invocation.module_args in check mode.
      Previously when used with check mode and with '-vvv', the module would
      not censor the content if a change would be made to the destination
      path. (bsc#1174302)
    - CVE-2020-1736: atomic_move - Change default permissions when creating
      temporary files so they are not world readable (bsc#1164134).
    - CVE-2020-14330: Sanitize no_log values from any response keys that
      might be returned from the uri module (bsc#1174145).
    - CVE-2019-14846: Reset logging level to INFO. (bsc#1153452).
    - CVE-2020-10744: incomplete fix for CVE-2020-1733 (bsc#1171823).

   grafana:
   - CVE-2018-18623, CVE-2018-18624,CVE-2018-18625: Fixed multiple XSS
     vulnerabilities in dashboard due to a incomplete fix for CVE-2018-12099
     (bsc#1172450).
   - CVE-2020-11110: Fixed a stored XSS (bsc#1174583).

   openstack-nova:
   - CVE-2020-17376: Fixed an information leak during live migration
     (bsc#1175484).

   python-Django to 1.11.29
   - CVE-2020-7471: Fixed a SQL injection via StringAgg delimiter
     (bsc#1161919).
   - CVE-2020-9402: Fixed a SQL injection via tolerance parameter in GIS
     functions and aggregates (bsc#1165022).
   - CVE-2019-19844: Fixed a potential account hijack via password reset form
     (bsc#1159447).

   python-Flask-Cors
   - CVE-2020-25032: Fixed a potential information leak through path
     traversal (bsc#1175986).

   python-Pillow
   - CVE-2020-10177: Fixed multiple out-of-bounds reads in
     libImaging/FliDecode.c (bsc#1173413).
   - CVE-2020-10994: Fixed multiple out-of-bounds reads via a crafted JP2
     files (bsc#1173418).
   - CVE-2020-10378: Fixed an out-of-bounds read when reading PCX files
     (bsc#1173416).

   python-urllib3
   - CVE-2020-26137: Fixed CRLF injection via HTTP request method
     (bsc#1177120)

   storm:
   - CVE-2018-11779: Fixed java deserialization vulnerability related to the
     usage of storm-kafka-client or storm-kafka modules (bsc#1143163).
   - CVE-2019-0202: Fixed an information leak related to the log viewer
     (bsc#1142617).

   rubygem-crowbar-client update to 3.9.3:
   - CVE-2018-17954: Fixed information leak of the admin password to all
     nodes in cleartext during provisioning (bsc#1117080)

   Non-security fixes included on this update:

   Changes in ansible:
   - Update to ansible 2.9.14:
     - minor bugs and fixes, including security bugs:
       - CVE-2020-1753, bsc#1166389: Kubectl connection plugin - connection
         plugin now redact kubectl_token and kubectl_password in console log.
       - revert CVE-2020-1736. Users are encouraged to specify a mode
         parameter in their file-based tasks when the files being manipulated
         contain sensitive data.
       - CVE-2020-14365, bsc#1175993: Previously, regardless of the
         disable_gpg_check option, packages were not GPG validated. They are
         now.
       - CVE-2020-14332, bsc#1174302: copy - Redact the value of the no_log
         'content' parameter in the result's invocation.module_args in check
         mode. Previously when used with check mode and with '-vvv', the
         module would not censor the content if a change would be made to the
         destination path.
       - CVE-2020-1736, bsc#1164134: atomic_move - Change default permissions
         when creating temporary files so they are not world readable
       - CVE-2020-14330, bsc#1174145: Sanitize no_log values from any
         response keys that might be returned from the uri module.
       - CVE-2019-14846, bsc#1153452: Reset logging level to INFO.
       - CVE-2020-10744, bsc#1171823, gh#ansible/ansible#69782: incomplete
         fix for CVE-2020-1733
   - Remove patches included upstream:
     - CVE-2020-14330_exposed_keys_uri_mod.patch
     - CVE-2020-10744_avoid_mkdir_p.patch
   - Don't Require python-coverage, it is needed only for testing
     (bsc#1177948).

   - Add CVE-2020-14330_exposed_keys_uri_mod.patch which fixes CVE-2020-14330
     (bsc#1174145). Sanitize no_log values from any response keys that might
     be returned from the uri module. Sensitive values marked with
     ``no_log=True`` will automatically have that value stripped from module
     return values. If your module could return these sensitive values as
     part of a dictionary key name, you should call the
     ``ansible.module_utils.basic.sanitize_keys()`` function to strip the
     values from the keys. See the ``uri`` module for an example.

   - importlib and argparse are required only on SLE-11 and less.

   - Add CVE-2020-10744_avoid_mkdir_p.patch (bsc#1171823) to fix insecure
     temporary directory creation.

   - Add metadata information to this file to mark which SUSE bugzilla have
     been already fixed.
   - Remove CVE-2017-7550-jenkins-disallow-password-in-params.patch as it has
     been already included in 2.4.1.0

   - update to version 2.9.9
     * fix for a regression introduced in 2.9.8

   - update to version 2.9.8 maintenance release containing numerous bugfixes

   - update to version 2.9.7 with many bug fixes, especially for these
     security issues:
     - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running
       become_user from become directive
     - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup
       plugin subprocess
     - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch
       module
     - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive
       permissions
     - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module
       does not check extracted path
     - bsc#1164136 CVE-2020-1738 module package can be selected by the
       ansible facts
     - bsc#1164133 CVE-2020-1739  - svn module leaks password when specified
       as a parameter
     - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit
     - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr
       and ldap_entry modules
     - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive
       information
     - bsc#1167532 CVE-2020-10684 - code injection when using ansible_facts
       as a subkey
     - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with
       vault are not properly cleaned up
     - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy
       collection install [2]

   - create missing (empty) template and files directories for
     'ansible-galaxy init' during package build (fixes boo#1137479)
   - require python-xml on python 2 systems (boo#1142542)

   - update to version 2.9.6 (maintenance release) including these security
     issues:
     - bsc#1171162 CVE-2020-10729 two random password lookups in same task
       return same value

   - update to version 2.9.5 (maintenance release)

   - update to version 2.9.4 (maintenance release)
     - fix in yum module
     - security fixes:
       - bsc#1157968 CVE-2019-14904 vulnerability in solaris_zone module via
         crafted solaris zone
       - bsc#1157969 CVE-2019-14905 malicious code could craft filename in
         nxos_file_copy module

   - update to version 2.9.3 (maintenance release)
     * security fixes
       - CVE-2019-14904 (solaris_zone module) (boo#1157968)
       - CVE-2019-14905 (nxos_file_copy module) (boo#1157969)
     * various bugfixes

   - sync with upstream spec file (especially for RHEL & Fedora builds)
   - ran spec-cleaner
   - remove old SUSE targets (SLE-11, Leap 42.3 and below) This simplifies
     the spec file and makes building easier
   - Additional required packages for building:
     + python-boto3 and python-botocore for Amazon EC2
     + python-jmespath for json queries
     + python-memcached for cloud modules and local caching of JSON
       formatted, per host records
     + python-redis for cloud modules and local caching of JSON formatted,
       per host records
     + python-requests for many web-based modules (cloud, network, netapp) =>
       as the need for those packages depends on the usage of the tool, they
       are just recommended on openSUSE/SUSE machines
   - made dependencies for gitlab, vmware and winrm modules configurable, as
     most of their dependencies are not (yet) available on current
     openSUSE/SUSE distributions
   - exclude /usr/bin/pwsh from the automatic dependency generation, as the
     Windows Power Shell is not available (yet) on openSUSE/SUSE
   - build additional docs and split up ansible-doc package; moving
     changelogs, contrib and example directories there
   - prepare for building HTML documentation, but disable this per default
     for the moment, as not all package dependencies are available in
     openSUSE/SUSE (yet)
   - package some test scripts with executable permissions

   - update to version 2.9.2 maintenance release containing numerous bugfixes

   - Create system directories that Ansible defines as default locations in
     ansible/config/base.yml
   - rephrase the summary line
   - Disable shebang munging for specific paths. These files are data files.
     ansible-test munges the shebangs itself.

   - split out ansible-test package for module developers

   - update to version 2.9.1 Full changelog is packaged at
     /usr/share/doc/packages/ansible/changelogs/ and also available online at
   https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.
     9.rst
     + CVE-2019-14864: fixed Splunk and Sumologic callback plugins leak
       sensitive data in logs (boo#1154830)
   - replace all #!/usr/bin/env lines to use #!/usr/bin/$1 directly

   - added file '/usr/bin/ansible-test' to spec file

   - Update to version 2.9.0: Full changelog is packaged at
     /usr/share/doc/packages/ansible/changelogs/ and also available online at
   https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.
     9.rst
   - Fixed among other this security bug:
     - bsc#1112959 CVE-2018-16837 Information leak in "user" module patch
       added

   - include the sha checksum file in the source, which allows to verify the
     original sources

   - Update to version 2.8.6: Full changelog is packaged at
     /usr/share/doc/packages/ansible/changelogs/ and also available online at
   https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.
     8.rst Included security fixes:
     * CVE-2019-14846: Fixed secrets disclosure on logs due to display is
       hardcoded to DEBUG level (bsc#1153452)
     * CVE-2019-14856: Fixed insufficient fix for CVE-2019-10206 (bsc#1154232)
     * CVE-2019-14858: Fixed data in the sub parameter fields that will not
       be masked and will be displayed when run with increased verbosity
       (bsc#1154231)

   - Update to version 2.8.5: Full changelog is packaged at
     /usr/share/doc/packages/ansible/changelogs/ and also available online at
   https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.
     8.rst
   - removed patches fixed upstream:
     + CVE-2019-10206-data-disclosure.patch
     + CVE-2019-10217-gcp-modules-sensitive-fields.patch

   - Update to version 2.8.3: Full changelog is packaged, but also at
   https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.
     8.rst
     - (bsc#1137528) CVE-2019-10156: ansible: templating causing an
       unexpected key file to be set on remote node
   - (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
     CVE-2019-10217: Fields managing sensitive data should be set as such by
     no_log feature. Some of these fields in GCP modules are not set
     properly. service_account_contents() which is common class for all gcp
     modules is not setting no_log to True. Any sensitive data managed by
     that function would be leak as an
     output when running ansible playbooks.

   - Update to version 2.8.1 Full changelog is at
     /usr/share/doc/packages/ansible/changelogs/ Bugfixes
     --------
     - ACI - DO not encode query_string
     - ACI modules - Fix non-signature authentication
     - Add missing directory provided via ``--playbook-dir`` to adjacent
       collection loading
     - Fix "Interface not found" errors when using eos_l2_interface with
       nonexistant interfaces configured
     - Fix cannot get credential when `source_auth` set to `credential_file`.
     - Fix netconf_config backup string issue
     - Fix privilege escalation support for the docker connection plugin when
       credentials need to be supplied (e.g. sudo with password).
     - Fix vyos cli prompt inspection
     - Fixed loading namespaced documentation fragments from collections.
     - Fixing bug came up after running cnos_vrf module against coverity.
     - Properly handle data importer failures on PVC creation, instead of
       timing out.
     - To fix the ios static route TC failure in CI
     - To fix the nios member module params
     - To fix the nios_zone module idempotency failure
     - add terminal initial prompt for initial connection
     - allow include_role to work with ansible command
     - allow python_requirements_facts to report on dependencies containing
       dashes
     - asa_config fix
     - azure_rm_roledefinition - fix a small error in build scope.
     - azure_rm_virtualnetworkpeering - fix cross subscriptions virtual
       network peering.
     - cgroup_perf_recap - When not using file_per_task, make sure we don't
       prematurely close the perf files
     - display underlying error when reporting an invalid ``tasks:`` block.
     - dnf - fix wildcard matching for state: absent
     - docker connection plugin - accept version ``dev`` as 'newest version'
       and print warning.
     - docker_container - ``oom_killer`` and ``oom_score_adj`` options are
       available since docker-py 1.8.0, not 2.0.0 as assumed by the version
       check.
     - docker_container - fix network creation when
       ``networks_cli_compatible`` is enabled.
     - docker_container - use docker API's ``restart`` instead of
       ``stop``/``start`` to restart a container.
     - docker_image - if ``build`` was not specified, the wrong default for
       ``build.rm`` is used.
     - docker_image - if ``nocache`` set to ``yes`` but not
       ``build.nocache``, the module failed.
     - docker_image - module failed when ``source: build`` was set but
       ``build.path`` options not specified.
     - docker_network module - fix idempotency when using ``aux_addresses``
       in ``ipam_config``.
     - ec2_instance - make Name tag idempotent
     - eos: don't fail modules without become set, instead show message and
       continue
     - eos_config: check for session support when asked to 'diff_against:
       session'
     - eos_eapi: fix idempotency issues when vrf was unspecified.
     - fix bugs for ce - more info see
     - fix incorrect uses of to_native that should be to_text instead.
     - hcloud_volume - Fix idempotency when attaching a server to a volume.
     - ibm_storage - Added a check for null fields in ibm_storage utils
       module.
     - include_tasks - whitelist ``listen`` as a valid keyword
     - k8s - resource updates applied with force work correctly now
     - keep results subset also when not no_log.
     - meraki_switchport - improve reliability with native VLAN functionality.
     - netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and
       clearing functionality
     - netapp_e_volumes - fix workload profileId indexing when no previous
       workload tags exist on the storage array.
     - nxos_acl some platforms/versions raise when no ACLs are present
     - nxos_facts fix <https://github.com/ansible/ansible/pull/57009>
     - nxos_file_copy fix passwordless workflow
     - nxos_interface Fix admin_state check for n6k
     - nxos_snmp_traps fix group all for N35 platforms
     - nxos_snmp_user fix platform fixes for get_snmp_user
     - nxos_vlan mode idempotence bug
     - nxos_vlan vlan names containing regex ctl chars should be escaped
     - nxos_vtp_* modules fix n6k issues
     - openssl_certificate - fix private key passphrase handling for
       ``cryptography`` backend.
     - openssl_pkcs12 - fixes crash when private key has a passphrase and the
       module is run a second time.
     - os_stack - Apply tags conditionally so that the module does not throw
       up an error when using an older distro of openstacksdk
     - pass correct loading context to persistent connections other than local
     - pkg_mgr - Ansible 2.8.0 failing to install yum packages on Amazon Linux
     - postgresql - added initial SSL related tests
     - postgresql - added missing_required_libs, removed excess param mapping
     - postgresql - move connect_to_db and get_pg_version into
       module_utils/postgres.py
       (https://github.com/ansible/ansible/pull/55514)
     - postgresql_db - add note to the documentation about state dump and the
       incorrect rc (https://github.com/ansible/ansible/pull/57297)
     - postgresql_db - fix for postgresql_db fails if stderr contains output
     - postgresql_ping - fixed a typo in the module documentation
     - preserve actual ssh error when we cannot connect.
     - route53_facts - the module did not advertise check mode support,
       causing it not to be run in check mode.
     - sysctl: the module now also checks the output of STDERR to report if
       values are correctly set
       (https://github.com/ansible/ansible/pull/55695)
     - ufw - correctly check status when logging is off
     - uri - always return a value for status even during failure
     - urls - Handle redirects properly for IPv6 address by not splitting on
       ``:`` and rely on already parsed hostname and port values
     - vmware_vm_facts - fix the support with regular ESXi
     - vyos_interface fix <https://github.com/ansible/ansible/pull/57169>
     - we don't really need to template vars on definition as we do this on
       demand in templating.
     - win_acl - Fix qualifier parser when using UNC paths -
     - win_hostname - Fix non netbios compliant name handling
     - winrm - Fix issue when attempting to parse CLIXML on send input failure
     - xenserver_guest - fixed an issue where VM whould be powered off even
       though check mode is used if reconfiguration requires VM to be powered
       off.
     - xenserver_guest - proper error message is shown when maximum number of
       network interfaces is reached and multiple network interfaces are
       added at
       once.
     - yum - Fix false error message about autoremove not being supported
     - yum - fix failure when using ``update_cache`` standalone
     - yum - handle special "_none_" value for proxy in yum.conf and .repo
       files

   - Update to version 2.8.0 Major changes:
     * Experimental support for Ansible Collections and content namespacing -
       Ansible content can now be packaged in a collection and addressed via
       namespaces. This allows for easier sharing, distribution, and
       installation
       of bundled modules/roles/plugins, and consistent rules for accessing
        specific content via namespaces.
     * Python interpreter discovery - The first time a Python module runs on
       a target, Ansible will attempt to discover the proper default Python
       interpreter to use for the target platform/version (instead of
       immediately defaulting to /usr/bin/python). You can override this
       behavior by setting ansible_python_interpreter or via config. (see
       https://github.com/ansible/ansible/pull/50163)
     * become - The deprecated CLI arguments for --sudo, --sudo-user,
       --ask-sudo-pass, -su, --su-user, and --ask-su-pass have been removed,
        in favor of the more generic --become, --become-user,
        --become-method, and
       --ask-become-pass.
     * become - become functionality has been migrated to a plugin
       architecture, to allow customization of become functionality and 3rd
       party become methods (https://github.com/ansible/ansible/pull/50991)
   - addresses CVE-2018-16859, CVE-2018-16876, CVE-2019-3828, CVE-2018-16837
     For the full changelog see /usr/share/doc/packages/ansible/changelogs or
     online:
   https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.
     8.rst

   - Update to version 2.7.10 Minor Changes
   - Catch all connection timeout related exceptions and raise
     AnsibleConnectionError instead
   - openssl_pkcs12, openssl_privatekey, openssl_publickey - These modules no
     longer delete the output file before starting to regenerate the output,
     or when generating the output failed. Bugfixes
   - Backport of https://github.com/ansible/ansible/pull/54105, pamd - fix
     idempotence issue when removing rules
   - Use custom JSON encoder in conneciton.py so that ansible objects
     (AnsibleVaultEncryptedUnicode, for example) can be sent to the
     persistent connection process
   - allow 'dict()' jinja2 global to function the same even though it has
     changed in jinja2 versions
   - azure_rm inventory plugin - fix missing hostvars properties
     (https://github.com/ansible/ansible/pull/53046)
   - azure_rm inventory plugin - fix no nic type in vmss nic.
     (https://github.com/ansible/ansible/pull/53496)
   - deprecate {Get/Set}ManagerAttributes commands
     (https://github.com/ansible/ansible/issues/47590)
   - flatpak_remote - Handle empty output in remote_exists, fixes
     https://github.com/ansible/ansible/issues/51481
   - foreman - fix Foreman returning host parameters
   - get_url - Fix issue with checksum validation when using a file to ensure
     we skip lines in the file that do not contain exactly 2 parts. Also
     restrict exception handling to the minimum number of necessary lines
     (https://github.com/ansible/ansible/issues/48790)
   - grafana_datasource - Fixed an issue when running Python3 and using basic
     auth (https://github.com/ansible/ansible/issues/49147)
   - include_tasks - Fixed an unexpected exception if no file was given to
     include.
   - openssl_certificate - fix ``state=absent``.
   - openssl_certificate, openssl_csr, openssl_pkcs12, openssl_privatekey,
     openssl_publickey - The modules are now able to overwrite
     write-protected files (https://github.com/ansible/ansible/issues/48656).
   - openssl_dhparam - fix ``state=absent`` idempotency and ``changed`` flag.
   - openssl_pkcs12, openssl_privatekey - These modules now accept the output
     file mode in symbolic form or as a octal string
     (https://github.com/ansible/ansible/issues/53476).
   - openssl_publickey - fixed crash on Python 3 when OpenSSH private keys
     were used with passphrases.
   - openstack inventory plugin: allow "constructed" functionality
     (``compose``, ``groups``, and ``keyed_groups``) to work as documented.
   - random_mac - generate a proper MAC address when the provided vendor
     prefix is two or four characters
     (https://github.com/ansible/ansible/issues/50838)
   - replace - fix behavior when ``before`` and ``after`` are used together
     (https://github.com/ansible/ansible/issues/31354)
   - report correct CPU information on ARM systems
     (https://github.com/ansible/ansible/pull/52884)
   - slurp - Fix issues when using paths on Windows with glob like
     characters, e.g. ``[``, ``]``
   - ssh - Check the return code of the ssh process before raising
     AnsibleConnectionFailure, as the error message for the ssh process will
     likely contain more useful information. This will improve the missing
     interpreter messaging when using modules such as setup which have a
     larger payload to transfer when combined with pipelining.
     (https://github.com/ansible/ansible/issues/53487)
   - tower_settings - 'name' and 'value' parameters are always required,
     module can not be used in order to get a setting
   - win_acl - Fix issues when using paths with glob like characters, e.g.
     ``[``, ``]``
   - win_acl_inheritance - Fix issues when using paths with glob like
     characters, e.g. ``[``, ``]``
   - win_certificate_store - Fix issues when using paths with glob like
     characters, e.g. ``[``, ``]``
   - win_chocolatey - Fix incompatibilities with the latest release of
     Chocolatey ``v0.10.12+``
   - win_copy - Fix issues when using paths with glob like characters, e.g.
     ``[``, ``]``
   - win_file - Fix issues when using paths with glob like characters, e.g.
     ``[``, ``]``
   - win_find - Ensure found files are sorted alphabetically by the path
     instead of it being random
   - win_find - Fix issues when using paths with glob like characters, e.g.
     ``[``, ``]``
   - win_owner - Fix issues when using paths with glob like characters, e.g.
     ``[``, ``]``
   - win_psexec - Support executables with a space in the path
   - win_reboot - Fix reboot command validation failure when running under
     the psrp connection plugin
   - win_tempfile - Always return the full NTFS absolute path and not a DOS
     8.3 path.
   - win_user_right - Fix output containing non json data -
     https://github.com/ansible/ansible/issues/54413
   - windows - Fixed various module utils that did not work with path that
     had glob like chars
   - yum - fix disable_excludes on systems with yum rhn plugin enabled
     (https://github.com/ansible/ansible/issues/53134)

   - Update to version 2.7.9 Minor Changes
     * Add missing import for ConnectionError in edge and routeros
       module_utils.
     * ``to_yaml`` filter updated to maintain formatting consistency when
       used with ``pyyaml`` versions 5.1 and later
       (https://github.com/ansible/ansible/pull/53772)
     * docker_image * set ``changed`` to ``false`` when using ``force: yes``
       to tag or push an image that ends up being identical to one already
       present on the Docker host or Docker registry.
     * jenkins_plugin * Set new default value for the update_url parameter
       (https://github.com/ansible/ansible/issues/52086) Bugfixes
     * Fix bug where some inventory parsing tracebacks were missing or
       reported under the wrong plugin.
     * Fix rabbitmq_plugin idempotence due to information message in new
       version of rabbitmq (https://github.com/ansible/ansible/pull/52166)
     * Fixed KeyError issue in vmware_host_config_manager when a supported
       option isn't already set
       (https://github.com/ansible/ansible/issues/44561).
     * Fixed issue related to --yaml flag in vmware_vm_inventory. Also fixed
       caching issue in vmware_vm_inventory
       (https://github.com/ansible/ansible/issues/52381).
     * If large integers are passed as options to modules under Python 2,
       module argument parsing will reject them as they are of type ``long``
       and not of type ``int``.
     * allow nice error to work when auto plugin reads file w/o `plugin` field
     * ansible-doc * Fix traceback on providing arguemnt --all to ansible-doc
       command
     * azure_rm_virtualmachine_facts * fixed crash related to attached
       managed disks (https://github.com/ansible/ansible/issues/52181)
     * basic * modify the correct variable when determining available hashing
       algorithms to avoid errors when md5 is not available
       (https://github.com/ansible/ansible/issues/51355)
     * cloudscale * Fix compatibilty with Python3 in version 3.5 and lower.
     * convert input into text to ensure valid comparisons in nmap inventory
       plugin
     * dict2items * Allow dict2items to work with hostvars
     * dnsimple * fixed a KeyError exception related to record types handling.
     * docker_container * now returns warnings from docker daemon on
       container creation and updating.
     * docker_swarm * Fixed node_id parameter not working for node removal
       (https://github.com/ansible/ansible/issues/53501)
     * docker_swarm * do not crash with older docker daemons
       (https://github.com/ansible/ansible/issues/51175).
     * docker_swarm * fixes idempotency for the ``ca_force_rotate`` option.
     * docker_swarm * improve Swarm detection.
     * docker_swarm * improve idempotency checking; ``rotate_worker_token``
       and ``rotate_manager_token`` are now also used when all other
       parameters have not changed.
     * docker_swarm * now supports docker-py 1.10.0 and newer for most
       operations, instead only docker 2.6.0 and newer.
     * docker_swarm * properly implement check mode (it did apply changes).
     * docker_swarm * the ``force`` option was ignored when ``state:
       present``.
     * docker_swarm_service * do basic validation of ``publish`` option if
       specified (must be list of dicts).
     * docker_swarm_service * don't crash when ``publish`` is not specified.
     * docker_swarm_service * fix problem with docker daemons which do not
       return ``UpdateConfig`` in the swarm service spec.
     * docker_swarm_service * the return value was documented as
       ``ansible_swarm_service``, but the module actually returned
       ``ansible_docker_service``. Documentation and code have been updated
       so that the variable is now called ``swarm_service``. In Ansible
       2.7.x, the old name ``ansible_docker_service`` can still be used to
       access the result.
     * ec2 * if the private_ip has been provided for the new network
       interface it shouldn't also be added to top level parameters for
       run_instances()
     * fix DNSimple to ensure check works even when the number of records is
       larger than 100
     * get_url * return no change in check mode when checksum matches
     * inventory plugins * Fix creating groups from composed variables by
       getting the latest host variables
     * inventory_aws_ec2 * fix no_log indentation so AWS temporary
       credentials aren't displayed in tests
     * jenkins_plugin * Prevent plugin to be reinstalled when state=present
       (https://github.com/ansible/ansible/issues/43728)
     * lvol * fixed ValueError when using float size
       (https://github.com/ansible/ansible/issues/32886,
       https://github.com/ansible/ansible/issues/29429)
     * mysql * MySQLdb doesn't import the cursors module for its own purposes
       so it has to be imported in MySQL module utilities before it can be
       used in dependent modules like the proxysql module family.
     * mysql * fixing unexpected keyword argument 'cursorclass' issue after
       migration from MySQLdb to PyMySQL.
     * mysql_user: match backticks, single and double quotes when checking
       user privileges.
     * onepassword_facts * Fixes issues which prevented this module working
       with 1Password CLI version 0.5.5 (or greater). Older versions of the
       CLI were deprecated by 1Password and will no longer function.
     * openssl_certificate * ``has_expired`` correctly checks if the
       certificate is expired or not
     * openssl_certificate * fix Python 3 string/bytes problems for
       `notBefore`/`notAfter` for self-signed and ownCA providers.
     * openssl_certificate * make sure that extensions are actually present
       when their values should be checked.
     * openssl_csr * improve ``subject`` validation.
     * openssl_csr * improve error messages for invalid SANs.
     * play order is now applied under all circumstances, fixes
     * remote_management foreman * Fixed issue where it was impossible to
       createdelete a product because product was missing in dict choices (
       https://github.com/ansible/ansible/issues/48594 )
     * rhsm_repository * handle systems without any repos
     * skip invalid plugin after warning in loader
     * urpmi module * fixed issue
     * win_certificate_store * Fix exception handling typo
     * win_chocolatey * Fix issue when parsing a beta Chocolatey install *
       https://github.com/ansible/ansible/issues/52331
     * win_chocolatey_source * fix bug where a Chocolatey source could not be
       disabled unless ``source`` was also set *
       https://github.com/ansible/ansible/issues/50133
     * win_domain * Do not fail if DC is already promoted but a reboot is
       required, return ``reboot_required: True``
     * win_domain * Fix when running without credential delegated
       authentication * https://github.com/ansible/ansible/issues/53182
     * win_file * Fix issue when managing hidden files and directories *
       https://github.com/ansible/ansible/issues/42466
     * winrm * attempt to recover from a WinRM send input failure if possible
     * zabbix_hostmacro: fixes truncation of macro contexts that contain
       colons (see https://github.com/ansible/ansible/pull/51853) New Plugins
     * vmware_vm_inventory * VMware Guest inventory source

   - update URL (use SSL version of the URL)
   - prepare update for multiple releases (bsc#1102126, bsc#1109957)

   - Update to version 2.7.8 Minor Changes:
     * Raise AnsibleConnectionError on winrm connnection errors Bugfixes:
     * Backport of https://github.com/ansible/ansible/pull/46478 , fixes name
       collision in haproxy module
     * Fix aws_ec2 inventory plugin code to automatically populate regions
       when missing as documentation states, also leverage config system vs
       self default/type validation
     * Fix unexpected error when using Jinja2 native types with non-strict
       constructed keyed_groups
       (https://github.com/ansible/ansible/issues/52158).
     * If an ios module uses a section filter on a device which does not
       support it, retry the command without the filter.
     * acme_challenge_cert_helper * the module no longer crashes when the
       required ``cryptography`` library cannot be found.
     * azure_rm_managed_disk_facts * added missing implementation of listing
       managed disks by resource group
     * azure_rm_mysqlserver * fixed issues with passing parameters while
       updating existing server instance
     * azure_rm_postgresqldatabase * fix force_update bug
       (https://github.com/ansible/ansible/issues/50978).
     * azure_rm_postgresqldatabase * fix force_update bug.
     * azure_rm_postgresqlserver * fixed issues with passing parameters while
       updating existing server instance
     * azure_rm_sqlserver * fix for tags support
     * azure_rm_virtualmachine * fixed several crashes in module
     * azure_rm_virtualmachine_facts * fix crash when vm created from custom
       image
     * azure_rm_virtualmachine_facts * fixed crash related to VM with managed
       disk attached
     * ec2 * Correctly sets the end date of the Spot Instance request. Sets
       `ValidUntil` value in proper way so it will be auto-canceled through
       `spot_wait_timeout` interval.
     * openssl_csr * fixes idempotence problem with PyOpenSSL backend when no
       Subject Alternative Names were specified.
     * openstack inventory plugin * send logs from sdk to stderr so they do
       not combine with output
     * psrp * do not display bootstrap wrapper for each module exec run
     * redfish_utils * get standard properties for firmware entries
       (https://github.com/ansible/ansible/issues/49832)
     * remote home directory * Disallow use of remote home directories that
       include relative pathing by means of `..` (CVE-2019-3828, bsc#1126503)
       (https://github.com/ansible/ansible/pull/52133)
     * ufw * when using ``state: reset`` in check mode, ``ufw --dry-run
       reset`` was executed, which causes a loss of firewall rules. The
       ``ufw`` module was adjusted to no longer run ``ufw --dry-run reset``
       to prevent this from happening.
     * ufw: make sure that only valid values for ``direction`` are passed on.
     * update GetBiosBootOrder to use standard Redfish resources
       (https://github.com/ansible/ansible/issues/47571)
     * win become * Fix some scenarios where become failed to create an
       elevated process
     * win_psmodule * the NuGet package provider will be updated, if needed,
       to avoid issue under adding a repository
     * yum * Remove incorrect disable_includes error message when using
       disable_excludes (https://github.com/ansible/ansible/issues/51697)
     * yum * properly handle a proxy config in yum.conf for an
       unauthenticated proxy

   - Update to version 2.7.7 Minor Changes:
     * Allow check_mode with supports_generate_diff capability in cli_config.
       (https://github.com/ansible/ansible/pull/51417)
     * Fixed typo in vmware documentation fragment. Changed "supported added"
       to "support added". Bugfixes:
     * All K8S_AUTH_* environment variables are now properly loaded by the
       k8s lookup plugin
     * Change backup file globbing for network _config modules so backing up
       one host's config will not delete the backed up config of any host
       whose hostname is a subset of the first host's hostname (e.g., switch1
       and switch11)
     * Fixes bug where nios_a_record wasn't getting deleted if an uppercase
       named a_record was being passed.
       (https://github.com/ansible/ansible/pull/51539)
     * aci_aaa_user - Fix setting user description
       (https://github.com/ansible/ansible/issues/51406)
     * apt_repository - fixed failure under Python 3.7
       (https://github.com/ansible/ansible/pull/47219)
     * archive - Fix check if archive is created in path to be removed
     * azure_rm inventory plugin - fix azure batch request
       (https://github.com/ansible/ansible/pull/50006)
     * cnos_backup - fixed syntax error
       (https://github.com/ansible/ansible/pull/47219)
     * cnos_image - fixed syntax error
       (https://github.com/ansible/ansible/pull/47219)
     * consul_kv - minor error-handling bugfix under Python 3.7
       (https://github.com/ansible/ansible/pull/47219)
     * copy - align invocation in return value between check and normal mode
     * delegate_facts - fix to work properly under block and include_role
       (https://github.com/ansible/ansible/pull/51553)
     * docker_swarm_service - fix endpoint_mode and publish idempotency.
     * ec2_instance - Correctly adds description when adding a single ENI to
       the instance
     * ensure we have a XDG_RUNTIME_DIR, as it is not handled correctly by
       some privilege escalation configurations
     * file - Allow state=touch on file the user does not own
       https://github.com/ansible/ansible/issues/50943
     * fix ansible-pull hanlding of extra args, complex quoting is needed for
       inline JSON
     * fix ansible_connect_timeout variable in network_cli,netconf,httpapi
       and nxos_install_os timeout check
     * netapp_e_storagepool - fixed failure under Python 3.7
       (https://github.com/ansible/ansible/pull/47219)
     * onepassword_facts - Fix an issue looking up some 1Password items which
       have a 'password' attribute alongside the 'fields' attribute, not
       inside it.
     * prevent import_role from inserting dupe into roles: execution when
       duplicate signature role already exists in the section.
     * reboot - Fix bug where the connection timeout was not reset in the
       same task after rebooting
     * ssh connection - do not retry with invalid credentials to prevent
       account lockout (https://github.com/ansible/ansible/issues/48422)
     * systemd - warn when exeuting in a chroot environment rather than
       failing (https://github.com/ansible/ansible/pull/43904)
     * win_chocolatey - Fix hang when used with proxy for the first time -
       https://github.com/ansible/ansible/issues/47669
     * win_power_plan - Fix issue where win_power_plan failed on newer
       Windows 10 builds - https://github.com/ansible/ansible/issues/43827

   - update to version 2.7.6 Minor Changes:
     * Added documentation about using VMware dynamic inventory plugin.
     * Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
     * Image reference change in Azure VMSS is detected and applied correctly.
     * docker_volume - reverted changed behavior of force, which was released
       in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are
       now only recreated if the parameters changed and force is set to true
       (instead of or). This is the behavior which has been described in the
       documentation all the time.
     * set ansible_os_family from name variable in os-release
     * yum and dnf can now handle installing packages from URIs that are
       proxy redirects and don't end in the .rpm file extension Bugfixes:
     * Added log message at -vvvv when using netconf connection listing
       connection details.
     * Changes how ansible-connection names socket lock files. They now use
       the same name as the socket itself, and as such do not lock other
       attempts on connections to the same host, or cause issues with
       overly-long hostnames.
     * Fix mandatory statement error for junos modules
       (https://github.com/ansible/ansible/pull/50138)
     * Moved error in netconf connection plugin from at import to on
       connection.
     * This reverts some changes from commit 723daf3. If a line is found in
       the file, exactly or via regexp matching, it must not be added again.
       insertafter/insertbefore options are used only when a line is to be
       inserted, to specify where it must be added.
     * allow using openstack inventory plugin w/o a cache
     * callbacks - Do not filter out exception, warnings, deprecations on
       failure when using debug
       (https://github.com/ansible/ansible/issues/47576)
     * certificate_complete_chain - fix behavior when invalid file is parsed
       while reading intermediate or root certificates.
     * copy - Ensure that the src file contents is converted to unicode in
       diff information so that it is properly wrapped by AnsibleUnsafeText
       to prevent unexpected templating of diff data in Python3
       (https://github.com/ansible/ansible/issues/45717)
     * correct behaviour of verify_file for vmware inventory plugin, it was
       always returning True
     * dnf - fix issue where conf_file was not being loaded properly
     * dnf - fix update_cache combined with install operation to not cause
       dnf transaction failure
     * docker_container - fix network_mode idempotency if the
       container:<container-name> form is used (as opposed to
       container:<container-id>)
       (https://github.com/ansible/ansible/issues/49794)
     * docker_container - warning when non-string env values are found,
       avoiding YAML parsing issues. Will be made an error in Ansible 2.8.
       (https://github.com/ansible/ansible/issues/49802)
     * docker_swarm_service - Document labels and container_labels with
       correct type.
     * docker_swarm_service - Document limit_memory and reserve_memory
       correctly on how to specify sizes.
     * docker_swarm_service - Document minimal API version for configs and
       secrets.
     * docker_swarm_service - fix use of Docker API so that services are not
       detected as present if there is an existing service whose name is a
       substring of the desired service
     * docker_swarm_service - fixing falsely reporting update_order as
       changed when option is not used.
     * document old option that was initally missed
     * ec2_instance now respects check mode
       https://github.com/ansible/ansible/pull/46774
     * fix for network_cli - ansible_command_timeout not working as expected
       (#49466)
     * fix handling of firewalld port if protocol is missing
     * fix lastpass lookup failure on python 3
       (https://github.com/ansible/ansible/issues/42062)
     * flatpak - Fixed Python 2/3 compatibility
     * flatpak - Fixed issue where newer versions of flatpak failed on
       flatpak removal
     * flatpak_remote - Fixed Python 2/3 compatibility
     * gcp_compute_instance - fix crash when the instance metadata is not set
     * grafana_dashboard - Fix a pair of unicode string handling issues with
       version checking (https://github.com/ansible/ansible/pull/49194)
     * host execution order - Fix reverse_inventory not to change the order
       of the items before reversing on python2 and to not backtrace on
       python3
     * icinga2_host - fixed the issue with not working use_proxy option of
       the module.
     * influxdb_user - An unspecified password now sets the password to
       blank, except on existing users. This previously caused an unhandled
       exception.
     * influxdb_user - Fixed unhandled exception when using invalid login
       credentials (https://github.com/ansible/ansible/issues/50131)
     * openssl_* - fix error when path contains a file name without path.
     * openssl_csr - fix problem with idempotency of keyUsage option.
     * openssl_pkcs12 - now does proper path expansion for ca_certificates.
     * os_security_group_rule - os_security_group_rule doesn't exit properly
       when secgroup doesn't exist and state=absent
       (https://github.com/ansible/ansible/issues/50057)
     * paramiko_ssh - add auth_timeout parameter to ssh.connect when
       supported by installed paramiko version. This will prevent
       "Authentication timeout" errors when a slow authentication step (>30s)
       happens with a host (https://github.com/ansible/ansible/issues/42596)
     * purefa_facts and purefb_facts now correctly adds facts into main
       ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
     * reboot - add appropriate commands to make the plugin work with VMware
       ESXi (https://github.com/ansible/ansible/issues/48425)
     * reboot - add support for rebooting AIX
       (https://github.com/ansible/ansible/issues/49712)
     * reboot - gather distribution information in order to support Alpine
       and other distributions
       (https://github.com/ansible/ansible/issues/46723)
     * reboot - search common paths for the shutdown command and use the full
       path to the binary rather than depending on the PATH of the remote
       system (https://github.com/ansible/ansible/issues/47131)
     * reboot - use a common set of commands for older and newer Solaris and
       SunOS variants (https://github.com/ansible/ansible/pull/48986)
     * redfish_utils - fix reference to local variable 'systems_service'
     * setup - fix the rounding of the ansible_memtotal_mb value on VMWare
       vm's (https://github.com/ansible/ansible/issues/49608)
     * vultr_server - fixed multiple ssh keys were not handled.
     * win_copy - Fix copy of a dir that contains an empty directory -
       https://github.com/ansible/ansible/issues/50077
     * win_firewall_rule - Remove invalid 'bypass' action
     * win_lineinfile - Fix issue where a malformed json block was returned
       causing an error
     * win_updates - Correctly report changes on success

   - update to version 2.7.5 Minor Changes:
     * Add warning about falling back to jinja2_native=false when Jinja2
       version is lower than 2.10.
     * Change the position to search os-release since clearlinux new versions
       are providing /etc/os-release too
     * Fixed typo in ansible-galaxy info command.
     * Improve the deprecation message for squashing, to not give misleading
       advice
     * Update docs and return section of vmware_host_service_facts module.
     * ansible-galaxy: properly warn when git isn't found in an installed bin
       path instead of traceback
     * dnf module properly load and initialize dnf package manager plugins
     * docker_swarm_service: use docker defaults for the user parameter if it
       is set to null Bugfixes:
     * bsc#1118896 CVE-2018-16876 Information disclosure in vvv+ mode with
       no_log on (https://github.com/ansible/ansible/pull/49569)
     * ACME modules: improve error messages in some cases (include error
       returned by server).
     * Added unit test for VMware module_utils.
     * Also check stdout for interpreter errors for more intelligent messages
       to user
     * Backported support for Devuan-based distribution
     * Convert hostvars data in OpenShift inventory plugin to be serializable
       by ansible-inventory
     * Fix AttributeError (Python 3 only) when an exception occurs while
       rendering a template
     * Fix N3K power supply facts
       (https://github.com/ansible/ansible/pull/49150).
     * Fix NameError nxos_facts
       (https://github.com/ansible/ansible/pull/48981).
     * Fix VMware module utils for self usage.
     * Fix error in OpenShift inventory plugin when a pod has errored and is
       empty
     * Fix if the route table changed to none
       (https://github.com/ansible/ansible/pull/49533)
     * Fix iosxr netconf plugin response namespace
       (https://github.com/ansible/ansible/pull/49300)
     * Fix issues with nxos_install_os module for nxapi
       (https://github.com/ansible/ansible/pull/48811).
     * Fix lldp and cdp neighbors information
   (https://github.com/ansible/ansible/pull/48318)(https://github.com/ansible/
       ansible/pull/48087)(https://github.com/ansible/ansible/pull/49024).
     * Fix nxos_interface and nxos_linkagg Idempotence issue
       (https://github.com/ansible/ansible/pull/46437).
     * Fix traceback when updating facts and the fact cache plugin was
       nonfunctional
     * Fix using vault encrypted data with jinja2_native
       (https://github.com/ansible/ansible/issues/48950)
     * Fixed: Make sure that the files excluded when extracting the archive
       are not checked. https://github.com/ansible/ansible/pull/45122
     * Fixes issue where a password parameter was not set to no_log
     * Respect no_log on retry and high verbosity (CVE-2018-16876)
     * aci_rest - Fix issue ignoring custom port
     * acme_account, acme_account_facts - in some cases, it could happen that
       the modules return information on disabled accounts accidentally
       returned by the ACME server.
     * docker_swarm - decreased minimal required API version from 1.35 to
       1.25; some features require API version 1.30 though.
     * docker_swarm_service: fails because of default "user: root"
       (https://github.com/ansible/ansible/issues/49199)
     * ec2_metadata_facts - Parse IAM role name from the security credential
       field since the instance profile name is different
     * fix azure_rm_image module use positional parameter
       (https://github.com/ansible/ansible/pull/49394)
     * fixes an issue with dict_merge in network utils
       (https://github.com/ansible/ansible/pull/49474)
     * gcp_utils - fix google auth scoping issue with application default
       credentials or google cloud engine credentials. Only scope credentials
       that can be scoped.
     * mail - fix python 2.7 regression
     * openstack - fix parameter handling when cloud provided as dict
       https://github.com/ansible/ansible/issues/42858
     * os_user - Include domain parameter in user deletion
       https://github.com/ansible/ansible/issues/42901
     * os_user - Include domain parameter in user lookup
       https://github.com/ansible/ansible/issues/42901
     * ovirt_storage_connection - comparing passwords breaks idempotency in
       update_check (https://github.com/ansible/ansible/issues/48933)
     * paramiko_ssh - improve log message to state the connection type
     * reboot - use IndexError instead of TypeError in exception
     * redis cache - Support version 3 of the redis python library
       (https://github.com/ansible/ansible/issues/49341)
     * sensu_silence - Cast int for expire field to avoid call failure to
       sensu API.
     * vmware_host_service_facts - handle exception when service package does
       not have package name.
     * win_nssm - Switched to Argv-ToString for escaping NSSM credentials
       (https://github.com/ansible/ansible/issues/48728)
     * zabbix_hostmacro - Added missing validate_certs logic for running
       module against Zabbix servers with untrused SSL certificates
       (https://github.com/ansible/ansible/issues/47611)
     * zabbix_hostmacro - Fixed support for user macros with context
       (https://github.com/ansible/ansible/issues/46953)

   - update to version 2.7.4 Bugfixes:
     * powershell - add lib/ansible/executor/powershell to the packaging data

   - update to version 2.7.3 Minor Changes:
     * Document Path and Port are mutually exclusive parameters in wait_for
       module
     * Puppet module remove --ignorecache to allow Puppet 6 support
     * dnf properly support modularity appstream installation via overloaded
       group modifier syntax
     * proxmox_kvm - fix exception
     * win_security_policy - warn users to use win_user_right instead when
       editing Privilege Rights Bugfixes:
     * Fix the issue that FTD HTTP API retries authentication-related HTTP
       requests
     * Fix the issue that module fails when the Swagger model does not have
       required fields
     * Fix the issue with comparing string-like objects
     * Fix using omit on play keywords
     * Windows - prevent sensitive content from appearing in scriptblock
       logging (CVE-2018-16859)
     * apt_key - Disable TTY requirement in GnuPG for the module to work
       correctly when SSH pipelining is enabled
     * better error message when bad type in config, deal with EVNAR= more
       gracefully
     * configuration retrieval would fail on non primed plugins
     * cs_template - Fixed a KeyError on state=extracted
     * docker_container - fix idempotency problems with docker-py caused by
       previous init idempotency fix
     * docker_container - fix interplay of docker-py version check with
       argument_spec validation improvements
     * docker_network - driver_options containing Python booleans would cause
       Docker to throw exceptions
     * ec2_group - Fix comparison of determining which rules to purge by
       ignoring descriptions
     * pip module - fix setuptools/distutils replacement
     * sysvinit - enabling a service should use "defaults" if no runlevels
       are specified

   - update to version 2.7.2 Minor changes:
     * Fix documentation for cloning template
     * Parsing plugin filter may raise TypeError, gracefully handle this
       exception and let user know about the syntax error in plugin filter
       file
     * Scenario guide for VMware HTTP API usage
     * Update plugin filter documentation
     * fix yum and dnf autoremove input sanitization to properly warn user if
       invalid options passed and update documentation to match
     * improve readability and fix privileges names on vmware
       scenario_clone_template
     * k8s - updated module documentation to mention how to avoid SSL
       validation errors
     * yum - when checking for updates, now properly include Obsoletes (both
       old and new) package data in the module JSON output

   - update to 2.7.1 Minor changes:
     * Fix yum module to properly check for empty conf_file value
     * added capability to set the scheme for the consul_kv lookup
     * added optional certificate and certificate validation for consul_kv
       lookups
     * dnf - properly handle modifying the enable/disable excludes data field
     * dnf appropriately handles disable_excludes repoid argument
     * dnf proerly honors disable_gpg_check for local package installation
     * fix yum module to handle list argument optional empty strings properly
     * netconf_config - Make default_operation optional in netconf_config
       module
     * yum - properly handle proxy password and username embedded in url
     * yum/dnf - fail when space separated string of names

   - update to 2.7.0 Major changes:
     * Allow config to enable native jinja types
     * Remove support for simplejson
     * yum and dnf modules now at feature parity Minor changes:
     * Changed the prefix of all Vultr modules from vr to vultr
     * Enable installroot tests for yum4(dnf) integration testing, dnf
       backend now supports that
     * Fixed timer in exponential backoff algorithm in vmware.py Bugfixes:
     * Security Fix - avoid loading host/group vars from cwd when not
       specifying a playbook or playbook base dir
     * Security Fix - avoid using ansible.cfg in a world writable dir
     * Some connection exception would cause no_log specified on a task to be
       ignored (stdout info disclosure)
     * Fix glob path of rc.d (SUSE-specific)
     * Fix lambda_policy updates
     * Fix alt linux detection/matching


   - update to 2.6.4 Minor Changes:
     * add azure_rm_storageaccount support to StorageV2 kind.
     * import_tasks - Do not allow import_tasks to transition to dynamic if
       the file is missing Bugfixes:
     * Add md5sum check in nxos_file_copy module
     * Allow arbitrary log_driver for docker_container
     * Fix Python2.6 regex bug terminal plugin nxos, iosxr
     * Fix check_mode in nxos_static_route module
     * Fix glob path of rc.d Some distribtuions like SUSE has the rc%.d
       directories under /etc/init.d
     * Fix network config diff issue for lines
     * Fixed an issue where ansible_facts.pkg_mgr would incorrectly set to
       zypper on Debian/Ubuntu systems that happened to have the command
       installed
     * The docker_* modules respect the DOCKER_* environment variables again
     * The fix for CVE-2018-10875 prints out a warning message about skipping
       a config file from a world writable current working directory.
       However, if the user is in a world writable current working directory
       which does not contain a config file, it should not print a warning
       message. This release fixes that extaneous warning.
     * To resolve nios_network issue where vendor-encapsulated-options can
       not have a use_option flag.
     * To resolve the issue of handling exception for Nios lookup gracefully.
     * always correctly template no log for tasks
     * ansible-galaxy - properly list all roles in roles_path
     * basic.py - catch ValueError in case a FIPS enabled platform raises
       this exception
     * docker_container: fixing working_dir idempotency problem
     * docker_container: makes unit parsing for memory sizes more consistent,
       and fixes idempotency problem when kernel_memory is set
     * fix example code for AWS lightsail documentation
     * fix the enable_snat parameter that is only supposed to be used by an
       user with the right policies.
     * fixes docker_container check and debug mode
     * improves docker_container idempotency
     * ios_l2_interface - fix bug when list of vlans ends with comma
     * ios_l2_interface - fix issue with certain interface types
     * ios_user - fix unable to delete user admin issue
     * ios_vlan - fix unable to work on certain interface types issue
     * nxos_facts test lldp feature and fix nxapi check_rc
     * nxos_interface port-channel idempotence fix for mode
     * nxos_linkagg mode fix
     * nxos_system idempotence fix
     * nxos_vlan refactor to support non structured output
     * one_host - fixes settings via environment variables
     * use retry_json nxos_banner
     * user - Strip trailing comments in /etc/default/passwd
     * user - when creating a new user without an expiration date, properly
       set no expiration rather that expirining the account
     * win_domain_computer - fixed deletion of computer active directory
       object that have dependent objects
     * win_domain_computer - fixed error in diff_support
     * win_domain_computer - fixed error when description parameter is empty
     * win_psexec - changed code to not escape the command option when
       building the args
     * win_uri -- Fix support for JSON output when charset is set
     * win_wait_for - fix issue where timeout doesn't wait unless
       state=drained

   - update to 2.6.3 Bugfixes:
     * Fix lxd module to be idempotent when the given configuration for the
       lxd container has not changed
     * Fix setting value type to str to avoid conversion during template
       read. Fix Idempotency in case of 'no key'.
     * Fix the mount module's handling of swap entries in fstab
     * The fix for (CVE-2018-10875) prints out a warning message about
       skipping a config file from a world writable current working
       directory. However, if the user explicitly specifies that the config
       file should be used via the ANSIBLE_CONFIG environment variable then
       Ansible would honor that but still print out the warning message. This
       has been fixed so that Ansible honors the user's explicit wishes and
       does not print a warning message in that circumstance.
     * To fix the bug where existing host_record was deleted when existing
       record name is used with different IP.
     * VMware handle pnic in proxyswitch
     * fix azure security group cannot add rules when purge_rule set to false.
     * fix azure_rm_deployment collect tags from existing Resource Group.
     * fix azure_rm_loadbalancer_facts list takes at least 2 arguments.
     * fix for the bundled selectors module (used in the ssh and local
       connection plugins) when a syscall is restarted after being
       interrupted by a signal
     * get_url - fix the bug that get_url does not change mode when checksum
       matches
     * nicer error when multiprocessing breaks
     * openssl_certificate - Convert valid_date to bytes for conversion
     * openstack_inventory.py dynamic inventory file fixed the plugin to the
       script so that it will work with current ansible-inventory. Also
       redirect stdout before dumping the ouptput, because not doing so will
       cause JSON parse errors in some cases.
     * slack callback - Fix invocation by looking up data from cli.options
     * sysvinit module: handle values of optional parameters. Don't disable
       service when enabled parameter isn't set. Fix command when arguments
       parameter isn't set.
     * vars_prompt - properly template play level variables in vars_prompt
     * win_domain - ensure the Netlogon service is up and running after
       promoting host to controller
     * win_domain_controller - ensure the Netlogon service is up and running
       after promoting host to controller

   - update to 2.6.2 Minor Changes
     + Sceanrio guide for removing an existing virtual machine is added.
     + lineinfile - add warning when using an empty regexp
     + Restore module_utils.basic.BOOLEANS variable for backwards
       compatibility with the module API in older ansible releases. Bugfixes:
     + Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being
       read from current working directory allowing possible code execution
     + Add text output along with structured output in nxos_facts
     + Allow more than one page of results by using the right pagination
       indicator ('NextMarker' instead of 'NextToken').
     + Fix an atomic_move error that is 'true', but misleading. Now we show
       all 3 files involved and clarify what happened.
     + Fix eos_l2_interface eapi.
     + Fix fetching old style facts in junos_facts module
     + Fix get_device_info nxos zero or more whitespace regex
     + Fix nxos CI failures
     + Fix nxos_nxapi default http behavior
     + Fix nxos_vxlan_vtep_vni
     + Fix regex network_os_platform nxos
     + Refactor nxos cliconf get_device_info for non structured
       output supported devices
     + To fix the NoneType error raised in ios_l2_interface when Access Mode
       VLAN is unassigned
     + emtpy host/group name is an error
     + fix default SSL version for docker modules
     + fix mail module when using starttls
     + fix nmap config example
     + fix ps detection of service
     + fix the remote tmp folder permissions issue when becoming a non admin
       user
     + fix typoe in sysvinit that breaks update.rc-d detection
     + fixes docker_container compatibilty with docker-py < 2.2
     + get_capabilities in nxapi module_utils should not return empty
       dictionary
     + inventory - When using an inventory directory, ensure extension
       comparison uses text types
     + ios_vlan - fix unable to identify correct vlans issue
     + nxos_facts warning message improved
     + openvswitch_db - make 'key' argument optional
     + pause - do not set stdout to raw mode when redirecting to a file
     + pause - nest try except when importing curses to gracefully fail if
       curses is not present
     + plugins/inventory/openstack.py - Do not create group with empty name
       if region is not set
     + preseve delegation info on nolog
     + remove ambiguity when it comes to 'the source'
     + remove dupes from var precedence
     + restores filtering out conflicting facts
     + user - fix bug that resulted in module always reporting a change when
       specifiying the home directory on FreeBSD
     + user - use correct attribute name in FreeBSD for creat_home
     + vultr - Do not fail trying to load configuration from ini files if
       required variables have been set as environment variables.
     + vyos_command correcting conditionals looping
     + win_chocolatey - enable TLSv1.2 support when downloading the
       Chocolatey installer
     + win_reboot - fix for handling an already scheduled reboot and other
       minor log formatting issues
     + win_reboot - fix issue when overridding connection timeout hung the
       post reboot uptime check
     + win_reboot - handle post reboots when running test_command
     + win_security_policy - allows an empty string to reset a policy value
     + win_share - discard any cmdlet output we don't use to ensure only the
       return json is received by Ansible
     + win_unzip - discard any cmdlet output we don't use to ensure only the
       return json is received by Ansible
     + win_updates - fixed module return value is lost in error in some cases
     + win_user - Use LogonUser to validate the password as it does not rely
       on SMB/RPC to be available
     + Security Fix - avoid loading host/group vars from cwd when not
       specifying a playbook or playbook base dir
     + Security Fix - avoid using ansible.cfg in a world writable dir.
     + Fix junos_config confirm commit timeout issue
       (https://github.com/ansible/ansible/pull/41527)
     + file module - The touch subcommand had its diff output broken during
       the 2.6.x development cycle. This is now fixed.
     + inventory manager - This fixes required options being populated before
       the inventory config file is read, so the required options may be set
       in the config file.
     + nsupdate - allow hmac-sha384
       https://github.com/ansible/ansible/pull/42209
     + win_domain - fixes typo in one of the AD cmdlets
       https://github.com/ansible/ansible/issues/41536
     + win_group_membership - uses the internal Ansible SID conversion logic
       and uses that when comparing group membership instead of the name
   - use fdupes to save some space in python_sitelib
   - define BuildRoot on older distributions like SLE-11
   - be a bit more flexible with the ending of manpage files to allow Fedora
     builds to succeed
   - includes fix for bsc#1099805 (CVE-2018-10874) Inventory variables are
     loaded from current working directory when running ad-hoc command that
     can lead to code execution (included upstream in 2.6.1).

   - revert some unneeded changes from spec-cleaner

   - updated to latest release 2.6.0
   - New Plugins:
     + Callback:
       - cgroup_memory_recap
       - grafana_annotations
       - sumologic
     + Connection:
       - httpapi
     + Inventory:
       - foreman
       - gcp_compute
       - generator
       - nmap
     + Lookup:
       - onepassword
       - onepassword_raw
   - Modules updates too many to mention here please look at package
     documentation directory (/usr/share/doc/packages/.../changelogs)
   - bug fixes:
     - **Security Fix** - Some connection exceptions would cause no_log
       specified on a task to be ignored.  If this happened, the task
       information, including any private information coul d have been
       displayed to stdout and (if enabled, not the default) logged to a log
       file specified in ansible.cfg's log_path.  Additionally, sites which
       redirected stdout from ansible runs to a log file may have stored that
       private information onto disk that way as well.
       (https://github.com/ansible/ansible/pull/41414)
     - Changed the admin_users config option to not include "admin" by
       default as admin is frequently used for a non-privileged account
       (https://github.com/ansible/ansible/pull/41164)
     - Changed the output to "text" for "show vrf" command as default "json"
       output format with respect to "eapi" transport was failing
        (https://github.com/ansible/ansible/pull/41470)
     - Document mode=preserve for both the copy and template module
     - Fix added for Digital Ocean Volumes API change causing Ansible to
       recieve an unexpected value in the response.
       (https://github.com/ansible/ansible/pull/41431)
     - Fix an encoding issue when parsing the examples from a plugins'
       documentation
     - Fix iosxr_config module to handle route-policy, community-set,
       prefix-set, as-path-set and rd-set blocks.  All these blocks are part
       of route-policy language of iosxr.
     - Fix mode=preserve with remote_src=True for the copy module
     - Implement mode=preserve for the template module
     - The yaml callback plugin now allows non-ascii characters to be
       displayed.
     - Various grafana_* modules - Port away from the deprecated
       b64encodestring function to the b64encode function instead.
       https://github.com/ansible/ansible/pull/38388
     - added missing 'raise' to exception definition
       https://github.com/ansible/ansible/pull/41690
     - allow custom endpoints to be used in the aws_s3 module
       (https://github.com/ansible/ansible/pull/36832)
     - allow set_options to be called multiple times
       https://github.com/ansible/ansible/pull/41913
     - ansible-doc - fixed traceback on missing plugins
       (https://github.com/ansible/ansible/pull/41167)
     - cast the device_mapping volume size to an int in the ec2_ami module
       (https://github.com/ansible/ansible/pull/40938)
     - copy - fixed copy to only follow symlinks for files in the
       non-recursive case
     - copy module - The copy module was attempting to change the mode of
       files for remote_src=True even if mode was not set as a parameter.
       This failed on filesystems which do not have permission bits
       (https://github.com/ansible/ansible/pull/40099)
     - copy module - fixed recursive copy with relative paths
       (https://github.com/ansible/ansible/pull/40166)
     - correct debug display for all cases
       https://github.com/ansible/ansible/pull/41331
     - correctly check hostvars for vars term
       https://github.com/ansible/ansible/pull/41819
     - correctly handle yaml inventory files when entries are null dicts
       https://github.com/ansible/ansible/issues/41692
     - dynamic includes - Allow inheriting attributes from static parents
       (https://github.com/ansible/ansible/pull/38827)
     - dynamic includes - Don't treat undefined vars for conditional includes
       as truthy (https://github.com/ansible/ansible/pull/39377)
     - dynamic includes - Fix IncludedFile comparison for free strategy
       (https://github.com/ansible/ansible/pull/37083)
     - dynamic includes - Improved performance by fixing re-parenting on copy
       (https://github.com/ansible/ansible/pull/38747)
     - dynamic includes - Use the copied and merged task for calculating task
       vars (https://github.com/ansible/ansible/pull/39762)
     - file - fixed the default follow behaviour of file to be true
     - file module - Eliminate an error if we're asked to remove a file but
       something removes it while we are processing the request
       (https://github.com/ansible/ansible/pull/39466)
     - file module - Fix error when recursively assigning permissions and a
       symlink to a nonexistent file is present in the directory tree
       (https://github.com/ansible/ansible/issues/39456)
     - file module - Fix error when running a task which assures a symlink to
       a nonexistent file exists for the second and subsequent times
       (https://github.com/ansible/ansible/issues/39558)
     - file module - The file module allowed the user to specify src as a
       parameter when state was not link or hard.  This is documented as only
       applying to state=link or state=hard but in previous Ansible, this
       could have an effect in rare cornercases.  For instance, "ansible -m
       file -a 'state=directory path=/tmp src=/var/lib'" would create
       /tmp/lib.  This has been disabled and a warning emitted (will change
       to an error in Ansible-2.10).
     - file module - The touch subcommand had its diff output broken during
       the 2.6.x development cycle.  This is now fixed
       (https://github.com/ansible/ansible/issues/41755)
     - fix BotoCoreError exception handling
     - fix apt-mark on debian6 (https://github.com/ansible/ansible/pull/41530)
     - fix async for the aws_s3 module by adding async support to the action
       plugin (https://github.com/ansible/ansible/pull/40826)
     - fix decrypting vault files for the aws_s3 module
       (https://github.com/ansible/ansible/pull/39634)
     - fix errors with S3-compatible APIs if they cannot use ACLs for buckets
       or objects
     - fix permission handling to try to download a file even if the user
       does not have permission to list all objects in the bucket
     - fixed config required handling, specifically for _terms in lookups
       https://github.com/ansible/ansible/pull/41740
     - gce_net - Fix sorting of allowed ports
       (https://github.com/ansible/ansible/pull/41567)
     - group_by - support implicit localhost
       (https://github.com/ansible/ansible/pull/41860)
     - import/include - Ensure role handlers have the proper parent, allowing
       for correct attribute inheritance
       (https://github.com/ansible/ansible/pull/39426)
     - import_playbook - Pass vars applied to import_playbook into parsing of
       the playbook as they may be needed to parse the imported plays
       (https://github.com/ansible/ansible/pull/39521)
     - include_role/import_role - Don't overwrite included role handlers with
       play handlers on parse (https://github.com/ansible/ansible/pull/39563)
     - include_role/import_role - Fix parameter templating
       (https://github.com/ansible/ansible/pull/36372)
     - include_role/import_role - Use the computed role name for
       include_role/import_role so to diffentiate between names computed from
       host vars (https://github.com/ansible/ansible/pull/39516)-
       include_role/import_role - improved performance and recursion depth
       (https://github.com/ansible/ansible/pull/36470)
     - lineinfile - fix insertbefore when used with BOF to not insert
       duplicate lines (https://github.com/ansible/ansible/issues/38219)
     - password lookup - Do not load password lookup in network filters,
       allowing the password lookup to be overriden
       (https://github.com/ansible/ansible/pull/41907)
     - pause - ensure ctrl+c interrupt works in all cases
       (https://github.com/ansible/ansible/issues/35372)
     - powershell - use the tmpdir set by `remote_tmp` for become/async tasks
       instead of the generic $env:TEMP -
       https://github.com/ansible/ansible/pull/40210
     - selinux - correct check mode behavior to report same changes as normal
       mode (https://github.com/ansible/ansible/pull/40721)
     - spwd - With python 3.6 spwd.getspnam returns PermissionError instead
       of KeyError if user does not have privileges
       (https://github.com/ansible/ansible/issues/39472)
     - synchronize - Ensure the local connection created by synchronize uses
       _remote_is_local=True, which causes ActionBase to build a local tmpdir
       (https://github.com/ansible/ansible/pull/40833)
     - template - Fix for encoding issues when a template path contains
       non-ascii characters and using the template path in ansible_managed
       (https://github.com/ansible/ansible/issues/27262)
     - template action plugin - fix the encoding of filenames to avoid
       tracebacks on Python2 when characters that are not present in the
       user's locale are present.
       (https://github.com/ansible/ansible/pull/39424)
     - user - only change the expiration time when necessary
       (https://github.com/ansible/ansible/issues/13235)
     - uses correct conn info for reset_connection
       https://github.com/ansible/ansible/issues/27520
     - win_environment - Fix for issue where the environment value was
       deleted when a null value or empty string was set -
       https://github.com/ansible/ansible/issues/40450
     - win_file - fix issue where special chars like [ and ] were not being
       handled correctly https://github.com/ansible/ansible/pull/37901
     - win_get_url - fixed a few bugs around authentication and force no when
       using an FTP URL
     - win_iis_webapppool - redirect some module output to null so Ansible
       can read the output JSON
       https://github.com/ansible/ansible/issues/40874
     - win_template - fix when specifying the dest option as a directory with
       and without the trailing slash
       https://github.com/ansible/ansible/issues/39886
     - win_updates - Added the ability to run on a scheduled task for older
       hosts so async starts working again -
       https://github.com/ansible/ansible/issues/38364
     - win_updates - Fix logic when using a whitelist for multiple updates
     - win_updates - Fix typo that hid the download error when a download
       failed
     - win_updates - Fixed issue where running win_updates on async fails
       without any error
     - windows become - Show better error messages when the become process
       fails
     - winrm - Add better error handling when the kinit process fails
     - winrm - allow `ansible_user` or `ansible_winrm_user` to override
       `ansible_ssh_user` when both are defined in an inventory -
       https://github.com/ansible/ansible/issues/39844
     - winrm - ensure pexpect is set to not echo the input on a failure and
       have a manual sanity check afterwards
       https://github.com/ansible/ansible/issues/41865
     - winrm connection plugin - Fix exception messages sometimes raising a
       traceback when the winrm connection plugin encounters an unrecoverable
       error.  https://github.com/ansible/ansible/pull/39333
     - xenserver_facts - ensure module works with newer versions of XenServer
       (https://github.com/ansible/ansible/pull/35821)

   - use python3 on (open)SUSE 15 or newer

   - Update to 2.5.5
     - Fixed the honouration of the no_log option with failed task iterations
       (CVE-2018-10855 boo#1097775)
     - Bufixes:
       - Changed the admin_users config option to not include "admin" by
         default as admin is frequently used for a non-privileged account
       - aws_s3 - add async support to the action plugin
       - aws_s3 - fix decrypting vault files
       - ec2_ami - cast the device_mapping volume size to an int
       - eos_logging - fix idempotency issues
       - cache plugins - A cache timeout of 0 means the cache will not expire.
       - ios_logging - fix idempotency issues
       - ios/nxos/eos_config - don't retrieve config in running_config when
         config is provided for diff
       - nxos_banner - fix multiline banner issue
       - nxos terminal plugin - fix output truncation
       - nxos_l3_interface - fix no switchport issue with loopback and svi
         interfaces
       - nxos_snapshot - fix compare_option
   - Applied spec-cleaner

   - Update to 2.5.1 Minor Changes
     + Updated example in vcenter_license module.
     + Updated virtual machine facts with instanceUUID which is unique for
       each VM irrespective of name and BIOS UUID.
     + A lot of Bugfixes, please refer to the Changelog installed in
       /usr/share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst

   - Update to 2.5.0: Major Changes
     * Ansible Network improvements
       + Created new connection plugins network_cli and netconf to replace
         connection=local. connection=local will continue to work for a
         number of Ansible releases.
       + No more unable to open shell. A clear and descriptive message will
         be displayed in normal ansible-playbook output without needing to
         enable debug mode
       + Loads of documentation, see Ansible for Network Automation
         Documentation.
       + Refactor common network shared code into package under
         module_utils/network/
       + Filters: Add a filter to convert XML response from a network device
         to JSON object.
       + Loads of bug fixes.
       + Plus lots more.
     * New simpler and more intuitive 'loop' keyword for task loops. The
       with_<lookup> loops will likely be deprecated in the near future and
       eventually removed.
     * Added fact namespacing; from now on facts will be available under
       ansible_facts namespace (for example: ansible_facts.os_distribution)
       without the ansible_ prefix. They will continue to be added into the
       main namespace directly, but now with a configuration toggle to enable
       this. This is currently on by default, but in the future it will
       default to off.
     * Added a configuration file that a site administrator can use to
       specify modules to exclude from being used. Minor Changes
     * please refer to
       /share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst Deprecated
       Features
     * Previously deprecated 'hostfile' config settings have been
       're-deprecated' because previously code did not warn about deprecated
       configuration settings.
     * Using Ansible-provided Jinja tests as filters is deprecated and will
       be removed in Ansible 2.9.
     * The stat and win_stat modules have deprecated get_md5 and the md5
       return values. These options will become undocumented in Ansible 2.9
       and removed in a later version.
     * The redis_kv lookup has been deprecated in favor of new redis lookup
     * Passing arbitrary parameters that begin with HEADER_ to the uri
       module, used for passing http headers, is deprecated. Use the headers
       parameter with a dictionary of header names to value instead. This
       will be removed in Ansible 2.9
     * Passing arbitrary parameters to the zfs module to set zfs properties
       is deprecated. Use the extra_zfs_properties parameter with a
       dictionary of property names to values instead. This will be removed
       in Ansible 2.9.
     * Use of the AnsibleModule parameter check\_invalid\_arguments in custom
       modules is deprecated. In the future, all parameters will be checked
       to see whether they are listed in the arg spec and an error raised if
       they are not listed. This behaviour is the current and future default
       so most custom modules can simply remove check\_invalid\_arguments if
       they set it to the default value of True. The
       check\_invalid\_arguments parameter will be removed in Ansible 2.9.
     * The nxos_ip_interface module is deprecated in Ansible 2.5. Use
       nxos_l3_interface module instead.
     * The nxos_portchannel module is deprecated in Ansible 2.5. Use
       nxos_linkagg module instead.
     * The nxos_switchport module is deprecated in Ansible 2.5. Use
       nxos_l2_interface module instead.
     * The ec2_ami_find has been deprecated; use ec2_ami_facts instead.
     * panos_security_policy: Use panos_security_rule - the old module uses
       deprecated API calls
     * vsphere_guest is deprecated in Ansible 2.5 and will be removed in
       Ansible-2.9. Use vmware_guest module instead. Removed Features
       (previously deprecated)
     * accelerate.
     * boundary_meter: There was no deprecation period for this but the
       hosted service it relied on has gone away so the module has been
       removed. #29387
     * cl_ : cl_interface, cl_interface_policy, cl_bridge, cl_img_install,
       cl_ports, cl_license, cl_bond. Use nclu instead
     * docker. Use docker_container and docker_image instead.
     * ec2_vpc.
     * ec2_ami_search, use ec2_ami_facts instead.
     * nxos_mtu. Use nxos_system's system_mtu option instead. To specify an
       interface's MTU use nxos_interface.
     * panos_nat_policy: Use panos_nat_rule the old module uses deprecated
       API calls
   - also package the changelogs directory below
     /usr/share/doc/packages/ansible/ for better reference

   - License changed to GPL-3.0-or-later, as mentioned in the source (former
     license focues on GPL-3.0 only)

   - Add python-passlib as Requires (bsc#1080682) passlib is needed for the
     "vars_prompt" feature of ansible

   - Update to version 2.4.3.0:
     * Fix `pamd` rule args regexp to match file paths.
     * Check if SELinux policy exists before setting.
     * Set locale to `C` in `letsencrypt` module to fix date parsing errors.
     * Fix include in loop when stategy=free.
     * Fix save parameter in asa_config.
     * Fix --vault-id support in ansible-pull.
     * In nxos_interface_ospf, fail nicely if loopback is used with
       passive_interface.
     * Fix quote filter when given an integer to quote.
     * nxos_vrf_interface fix when validating the interface.
     * Fix for win_copy when sourcing files from an SMBv1 share.
     * correctly report callback plugin file.
     * restrict revaulting to vault cli.
     * Fix python3 tracebacks in letsencrypt module.
     * Fix ansible_*_interpreter variables to be templated prior to being
       used.
     * Fix setting of environment in a task that uses a loop
     * Fix fetch on Windows failing to fetch files or particular block size.
     * preserve certain fields during no log.
     * fix issue with order of declaration of sections in ini inventory.
     * Fix win_iis_webapppool to correctly stop a apppool.
     * Fix CloudEngine host failed.
     * Fix ios_config save issue.
     * Handle vault filenames with nonascii chars when displaying messages.
     * Fix win_iis_webapppool to not return passwords.
     * Fix extended file attributes detection and changing.
     * correctly ensure 'ungrouped' membership rules.
     * made warnings less noisy when empty/no inventory is supplied.
     * Fixes a failure which prevents to create servers in module
       cloudscale_server.
     * Fix win_firewall_rule "Specified cast is invalid" error when modifying
       a rule with all of Domain/Public/Private profiles set.
     * Fix case for multilib when installing from a file in the yum module.
     * Fix WinRM parsing/escaping of IPv6 addresses.
     * Fix win_package to detect MSI regardless of the extension case.
     * Updated win_mapped_drive docs to clarify what it is used for.
     * Fix file related modules run in check_mode when the file being
       operated on does not exist.
     * Make eos_vlan idempotent.
     * Fix win_iis_website to properly check attributes before setting.
     * Fixed the removal date for ios_config save and force parameters.
     * cloudstack: fix timeout from ini config file being ignored.
     * fixes memory usage issues with many blocks/includes.
     * Fixes maximum recursion depth exceeded with include_role.
     * Fix to win_dns_client module to take ordering of DNS servers to
       resolve into account.
     * Fix for the nxos_banner module where some nxos images nest the
       output inside of an additional dict.
     * Fix failure message "got multiple values for keyword argument id" in
       the azure_rm_securitygroup module (caused by changes to the azure
       python API).
     * Bump Azure storage client minimum to 1.5.0 to fix deserialization
       issues. This will break Azure Stack until it receives storage API
       version 2017-10-01 or changes are made to support multiple versions.
     * Flush stdin when passing the become password. Fixes some cases
       of timeout on Python 3 with the ssh connection plugin. update to
        version v2.4.2.0:
     * lock azure containerservice to below 2.0.0
     * ovirt_host_networks: Fix label assignment
     * Fix vault --ask-vault-pass with no tty (#31493)
     * cherry-pick changes of azure_rm_common from devel to 2.4 (#32607)
     * Fixes #31090. In network parse_cli filter plugin, this change moves
       the creation of a (#31092) (#32458)
     * Use an abspath for network inventory ssh key path.
     * Remove toLower on source (#31983)
     * Add k8s_common.py logging fixes to the changelog
     * inserts enable cmd hash with auth_pass used (#32107)
     * Fix exception upon display.warn() (#31876)
     * ios_system: Fix typo in unit test (#32284)
     * yum: use the C locale when screen scraping (#32203)
     * Use region derived from get_aws_connection_info() in dynamodb_table to
       fix tagging bug (#32557)
     * fix item var in delegation (#32986)
     * Add changelog entry for elb_application_lb fix
     * Add a validate example to blockinfile. (#32088)
     * Correct formatting --arguments (#31808)
     * Add changelog for URI/get_url fix
     * [cloud] Bugfix for aws_s3 empty directory creation (#32198)
     * Fix junos integration test fixes as per connection refactor (#33050)
       (#33055)
     * Update win_copy for #32677 (#32682)
     * ios_interface testfix (#32381)
     * Add proper check mode support to the script module (#31852)
     * Add galaxy --force fix to changelog
     * Fix non-ascii errors in config manager
     * Add python3 urllib fixes to changelog
     * Add changelog entry for the stdin py3 fix
     * Update version info for the 2.4.2 release
     * Add max_fail_percentage fix to changelog
     * Changelog entry for script inventory plugin fix.
     * Make RPM spec compatible with RHEL 6 (#31653)
     * Add changelog entry for the yum locale fix
     * Use vyos/1.1.8 in CI.
     * Fix patching to epel package
     * Pass proper error value to to_text (#33030)
     * Fix and re-enable zypper* integration tests in CI.
     * avoid chroot paths (#32778)
     * Add changelog entry for inventory nonascii paths fix
     * Fix ios_config integration test failures (#32959) (#32970)
     * Fix ios_config file prompt issue (#32744) (#32780)
     * Mdd module unit test docs (#31373)
     * dont add all group vars to implicit on create
     * Fix nxos_banner removal idempotence issue in N1 images (#31259)
     * Clarify the release and maintenance cycle (#32402)
     * Add ansible_distribution_major_version to macOS (#31708)
     * Docs (#32718)
     * Keep newlines when reading LXC container config file (#32219)
     * Updated changelog for vmware logon error handling
     * New release v2.4.2.0-0.2.beta2
     * added doc notes about vars plugins in precedence
     * revert module_utils/nxos change from #32846 (#32956)
     * [cloud] add boto3 requirement to `cloudformation` module docs (#31135)
     * Fixes #31056 (#31057)
     * - Fix logging module issue where facility is being deleted along with
       host (#32234)
     * Get the moid in a more failsafe manner (#32671)
     * Integration Tests only: add static route, snmp_user, snapshot and hsrp
       it cases (#28933)
     * Add the change to when we escape backslashes (for the template lookup
       plugin) to changelog
     * correctly deal with changed (#31812)
     * Add the template lookup escaping to the 2.4 porting guide (#32760)
     * tests for InventoryModule error conditions (#31381)
     * Disable pylint rules for stable-2.4.
     * fix typo
     * Enable TLS1.1 and TLS1.2 for win_package (#32184)
     * Add remove host fix to changelog
     * ios_interface provider issue testfix (#32335)
     * win_service: quoted path fix (#32469)
     * Add changes to succeeded/failed tests to the 2.4 porting guide (#33201)
     * Run OS X tests in 3 groups in CI.
     * ini inventory: document value parsing workaround
     * Change netconf port in testcase as per test enviornment (#32883)
       (#32889)
     * fix inventory loading for ansible-doc
     * jsonify inventory (#32990)
     * firewalld: don't reference undefined variable in error case (#31949)
     * change ports to non well known ports and drop time_range for N1
       (#31261)
     * make vars only group declarations an error
     * Add changelog for os_floating_ip fix
     * Fix example on comparing master config (#32406)
     * py2/py3 safer shas on hostvars (#31788)
     * ensure we always have a basedir
     * Add missing ansible-test --remote-terminate support. (#32918)
     * Use show command to support wider platform set for nxos_interface
       module (#33037)
     * ios_logging: change IOS command pipe to section to include (#33100)
       (#33116)
     * win_find: allow module to skip on files it fails to check (#32105)
     * New release v2.4.2.0-0.4.beta4
     * multiple nxos fixes (#32905)
     * Add changelog entry for git archive fix
     * Add changelog entries for a myriad of 2.4.2 bugfixes
     * iosxr integration testfix (#32344)
     * Fix #31694: running with closed stdin on python 3 (#31695)
     * Add eos_user fix to changelog
     * updated changelog with win_find fix
     * Added urls python3 fix to changelog
     * [cloud] Support changeset_name parameter on CloudFormation stack
       create (#31436)
     * use configured ansible_shell_executable
     * New release v2.4.2.0-0.3.beta3
     * Fix ec2_lc failing to create multi-volume configurations (#32191)
     * Changelog win_package TLS fix
     * Fix wrong prompt issue for network modules (#32426) (#32442)
     * New release v2.4.2.0-0.1.beta1
     * Exclude stack policy when running in check mode.
     * change inventory_hostname to ansible_host to fix test (#32890) (#32891)
     * Add azure_rm_acs check mode fix
     * Updated changelog for win_copy fix
     * corrected package docs
     * make sure patterns are strings
     * Add more bugfixes to changelog
     * Fix junos netconf port issue in integration test (#32610) (#32668)
     * fixed .loads error for non decoded json in Python 3 (#32065)
     * nxos_config and nxos_facts - fixes for N35 platform.  (#32762) (#32875)
     * Add changelog entry for #32219
     * Remove provider from  ios integration test (#31037) (#32230)
     * added note about serial behaviour (#32461)
     * Fixes ios_logging unit test (#32240)
     * Avoid AttributeError: internal_network on os_floating_ip (#32887)
     * use to_str instead of json.dumps when serializing k8s object for
       logging
     * Prefer the stdlib SSLContext over urllib3 context
     * git: fix archive when update is set to no (#31829)
     * Add elb_target_group port fix to the changelog
     * Changelog entry for aws_s3 issue #32144
     * Add error handling for user login (#32613)
     * Move asa provider to suboptions (#32356)
     * fix dci failure nxos (#32877) (#32878)
     * Add inventory jsonification to the changelog
     * eos_eapi: adding the desired state config to the new vrf fixes #32111
       (#32112) (#32452)
     * Handle ip name-server lines containing multiple nameservers (#32235)
       (#32373)
     * Remove provider from prepare_ios_tests integration test (#31038)
     * Add last minute bugfixes and doc updates for rc1
     * Fix snmp bugs on Nexus 3500 platform (#32773) (#32847)
     * validate that existing dest is valid directory
     * Update the release data for 2.4.1 in the changelog
     * add check mode for acs delete (#32063)
     * More fixes added to changelog
     * Add wait_for fix to the changelog
     * removed psobject to hashtables that were missed (#32710)
     * wait_for: treat broken connections as "unready" (#28839)
     * Return all elements in a more robust way
     * fix ios_interface test (#32372)
     * Add missing packages to default docker image.
     * fix nxos_igmp_snooping (#31688)
     * - Fix to return error message back to the module. (#31035)
     * Ensure that readonly result members are serialized (#33170)
     * Keywords docs (#32807)
     * remove hosts from removed when rescuing
     * Add panos_security_rule docs typo fix to changelog
     * Update vyos completion in network.txt.
     * move to use ansible logging
     * ovirt_clusters: Fix fencing and kuma comparision
     * Documentation typo fixes (#32473)
     * [fix] issue #30516 : take care about autoremove in upgrade function
     * Enable ECHO in prompt module (#32083)
     * calculate max fail against all hosts in batch
     * Fix urlparse import for Python3 (#31240)
     * Bunch of changelog updates for cherry-picks
     * restore hostpattern regex/glob behaviour
     * Better handling of malformed vault data envelope (#32515)
     * Updated changelog regarding win_service quoted path fix
     * nxos_interface error handling (#32846)
     * An availability zone will be selected if none is provided. Set az to
       an empty string if it's None to avoid traceback. (#32216)
     * Use to_native when validating proxy result (#32596)
     * vmware_guest: refactor spec serialization (#32681)
     * Add new default Docker container for ansible-test. (#31944)
     * warn on bad keys in group
     * NXOS: Integration tests to Ansible (part 3) (#29030)
     * Add spec file fix to changelog
     * eos_user testfix (#32264)
     * iam.py: return iam.role dict when creating roles (#28964)
     * Add networking bug fixes to changelog (#32201)
     * [cloud] sns_topic: Fix unreferenced variable
     * Fix service_mgr fact collection (#32086)
     * Fix include_role unit tests (#31920)
     * Updated changelog for win_iis_* modules things
     * handle ignore_errors in loop
     * adjust nohome param when using luser
     * better cleanup on task results display (#27175)
     * Improve python 2/3 ABC fallback for pylint. (#31848)
     * fix html formatting
     * Add ansible_shell_executable fix to changelog
     * Move resource pool login to a separate function and fix undefined var
       reference (#32674)
     * Update ansible-test sanity command. (#31958)
     * ios_ping test fix (#32342)
     * fix CI failure yaml syntax (#32374)
     * Scan group_vars/host_vars in sorted order
     *     luseradd defaults to creating w/o need for -m (#32411)
     * Integration Tests only:  nxos_udld, nxos_udld_interface,
       nxos_vxlan_vtep_vni (#29143) (#32962)
     * Fix: modifying existing application lb using certificates now properly
       sets certificates (#28217)
     * ios_logging: Fix some smaller issues, add unit test (#32321)
     * Fix nxos_snmp_host bug (#32916) (#32958)
     * ovirt_hosts: Don't fail upgrade when NON_RESPONSIVE state
     * ini plugin should recursively instantiate pending
     * eos_user: sends user secret first on user creation fixes #31680
       (#32162)
     * Cast target port to an int in elb_target_group. Fixes #32098 (#32202)
     * New release v2.4.2.0-0.5.rc1
     * remove misleading group vars as they are flat (#32276)
     * Fix typo
     * Avoid default inventory proccessing for pull (#32135)
     * Fix ansible-test default image. (#31966)
     * removed superfluous `type` field from RecordSet constructor (#33167)
     * Update k8s_common.py
     * Add ios_logging fixes to changelog 2.4.2beta2 (#32447)
     * Revert "Removed a force conditional (#28851)" (#32282)
     * Add new documentation on writing unittests to the changelog
     * Fix ansible-test race calling get_coverage_path.
     * New release v2.4.2.0-1
   - update to 2.3.2.0 (final) - bsc#1059235
   - update to 2.3.1 RC1 (package version 2.3.0.1) (bsc#1056094): as
     "unsafe". bsc#1038785
     * SECURITY (MODERATE): fix for CVE-2017-7466, which finally fixes an
       arbitrary command execution vulnerability
   - security update to rc4 of 2.2.1.0 version CVE-2016-9587, CVE-2016-8628,
     CVE-2016-8614, CVE-2016-8647, CVE-2016-9587 (bsc#1008037, bsc#1008038,
     bsc#1010940, bsc#1019021)

   Changes in ardana-ansible:
   - Update to version 8.0+git.1596735237.54109b1:
     * Update the Swift XFS inode size check (SOC-10300)

   - Update to version 8.0+git.1596204601.75b0e4e:
     * Fix upgrade validations Keystone V3 check target (SOC-10300)

   Changes in ardana-cinder:
   - Update to version 8.0+git.1596129856.263f430:
     * Install python-swiftclient as cinder-backup dependency (SOC-11364)

   Changes in ardana-glance:
   - Update to version 8.0+git.1593631779.76fa9b7:
     * Idempotent cirros image upload to glance (SOC-11342)

   Changes in ardana-mq:
   - Update to version 8.0+git.1593618123.678c32b:
     * Ensure epmd.service started/stopped independent of rabbitmq (SOC-6780)

   Changes in ardana-nova:
   - Update to version 8.0+git.1601298847.dd01585:
     * restore ram_weight_multiplier to default (bsc#1123561)
     * enable all weigher classes by default (bsc#1123561)

   - Update to version 8.0+git.1595857666.cf6b4a9:
     * Correction for (bsc#1174242)

   - Update to version 8.0+git.1595356665.56726ed:
     * Disable nova-consoleauth monasca process check (bsc#1174242)

   Changes in ardana-osconfig:
   - Update to version 8.0+git.1595885113.93abcbc:
     * Enable SLE12 SP3 LTSS for SMT deployments (SOC-11223)

   Changes in crowbar-core:
   - Update to version 5.0+git.1600432272.b3ad722f0:
     * provisioner: check for client_user (SOC-11389)
     * upgrade: Allow transition from crowbar_upgrade to reboot (trivial)

   - Update to version 5.0+git.1600352887.1e23b8015:
     * Ignore CVE-2020-15169 (SOC-11391)

   - Update to version 5.0+git.1594898401.caf0b325c:
     * crowbar: Also add access to /restricted/ in SSL vhost (SOC-11352)

   - Update to version 5.0+git.1593779118.8362c57e5:
     * crowbar: Allow hardware-installing -> discovering transition (noref)
     * crowbar: Add Restricted controller with API for restricted clients
       (bsc#1117080)
     * crowbar: Add complete list of states to Crowbar::State (noref)
     * provisioner: Remove the need for /updates/parse_node_data (noref)
     * crowbar: Create helper module to validate states (noref)
     * provisioner: Use new restricted API (bsc#1117080)
     * provisioner: Do not read /etc/crowbar.install.key from crowbar_joi
       (bsc#1117080)
     * provisioner: Remove use of privileged user for Windows machine
       (bsc#1117080)
     * provisioner: Use restricted client during provisioning (bsc#1117080)
     * provisioner: Use restricted client for crowbar_register (bsc#1117080)
     * provisioner: Drop /etc/crowbar.install.key bits from autoyast prof
       (bsc#1117080)
     * Avoid hardcoding machine-install user (bsc#1117080)
     * crowbar: Restrict admin access (bsc#1117080)

   Changes in crowbar-openstack:
   - Update to version 5.0+git.1599037158.5c4d07480:
     * horizon: Update configuration for Grafana 5.x

   Changes in documentation-suse-openstack-cloud:
   - Update to version 8.20201007:
     * reveresed step8 and 9 in PTF installation (SOC-10616)
     * Modified the PTF install instructions as per the (SOC-10616)

   - Update to version 8.20200904:
     * Clarify reboot instructions during update workflow (SOC-11386)

   - Update to version 8.20200921:
     * replacd postgreSQL to MariaDB as per comments4 and 5 in ticket
       (SOC-11000)

   - Update to version 8.20200424:
     * Update ESX documentation for DVS creation (bsc#1142121)
     * Fix table issues

   Changes in grafana:
   - BuildRequire go1.14 explicitly

   - Add recompress source service
   - Add go_modules source service to create vendor.tar.gz containing 3rd
     party go modules.
   - Adjust spec to work for Grafana-6.7.4
   - Adjust Makefile to work for Grafana-6.7.4
   - Remove CVE-2019-15043.patch (merged upstream)
   - Remove CVE-2020-13379.patch (merged upstream)
   - Remove 0001-fix-XSS-vulnerabilities-in-dashboard-links.patch (merged
     upstream)
   - Remove
     0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
     (merged upstream)
   - Remove systemd-notification.patch (merged upstream)
   - Update to version 6.7.4 (bsc#1172450, CVE-2018-18623, CVE-2018-18624,
     CVE-2018-18625, bsc#1174583, CVE-2020-11110)
     * Security: Urgent security fix for stored XSS
   - Update to version 6.7.3
     * Admin: Fix Synced via LDAP message for non-LDAP external users.
       [#23477]
     * Alerting: Fix notifications for alerts with empty message in Google
       Hangouts notifier. [#23559]
     * AuthProxy: Fix bug where long username could not be cached. [#22926]
     * Dashboard: Fix saving dashboard when editing raw dashboard JSON model.
       [#23314]
     * Dashboard: Try to parse 8 and 15 digit numbers as timestamps if
       parsing of time range as date fails. [#21694]
     * DashboardListPanel: Fix problem with empty panel after going into edit
       mode (General folder filter being automatically added) . [#23426]
     * Data source: Handle datasource withCredentials option properly.
       [#23380]
     * Security: Fix annotation popup XSS vulnerability [#23813]
     * Security: Fix XSS vulnerability in table panel [#23816]
     * Server: Exit Grafana with status code 0 if no error. [#23312]
     * TablePanel: Fix XSS issue in header column rename (backport). [#23814]
     * Variables: Fix error when setting adhoc variable values. [#23580]
   - Update to version 6.7.2
     * BackendSrv: Adds config to response to fix issue for external plugins
       that used this property . [#23032]
     * Dashboard: Fix issue with saving new dashboard after changing title .
       [#23104]
     * DataLinks: make sure we use the correct datapoint when dataset
       contains null value.. [#22981]
     * Plugins: Fix issue for plugins that imported dateMath util . [#23069]
     * Security: Fix for dashboard snapshot original dashboard link could
       contain XSS vulnerability in url. [#23254]
     * Variables: Fix issue with too many queries being issued for nested
       template variables after value change. [#23220]
     * Plugins: Expose promiseToDigest. [#23249]
     * Reporting: Fix issue updating a report created by someone else
       (Enterprise)
   - Update to version 6.7.1
     * Azure: Fix dropdowns not showing current value. [#22914]
     * BackendSrv: only add content-type on POST, PUT requests. [#22910]
     * Panels: Fix size issue with panel internal size when exiting panel
       edit mode. [#22912]
     * Reporting: fixes migrations compatibility with mysql (Enterprise)
     * Reporting: Reduce default concurrency limit to 4 (Enterprise)
   - Update to version 6.7.0
     * AzureMonitor: support workspaces function for template variables.
       [#22882]
     * SQLStore: Add migration for adding index on annotation.alert_id.
       [#22876]
     * TablePanel: Enable new units picker . [#22833]
     * AngularPanels: Fix inner height calculation for angular panels.
       [#22796]
     * BackendSrv: makes sure provided headers are correctly recognized and
       set. [#22778]
     * Forms: Fix input suffix position (caret-down in Select) . [#22780]
     * Graphite: Fix issue with query editor and next select metric now
       showing after selecting metric node [#22856]
     * Rich History: UX adjustments and fixes. [#22729]
     * Slack: Removed _Mention_ setting and instead introduce _Mention
       Users_, _Mention Groups_, and _Mention Channel_.
     * Alerting: Reverts the behavior of `diff` and `percent_diff` to not
       always be absolute.
     * API: Include IP address when logging request error. [#21596]
     * Alerting: Support passing tags to Pagerduty and allow notification on
       specific event categories [#21335]
     * Chore: Remove angular dependency from backendSrv. [#20999]
     * CloudWatch: Surround dimension names with double quotes. [#22222]
     * CloudWatch: updated metrics and dimensions for Athena, DocDB, and
       Route53Resolver. [#22604]
     * Cloudwatch: add Usage Metrics. [#22179]
     * Dashboard: Adds support for a global minimum dashboard refresh
       interval. [#19416]
     * DatasourceEditor: Add UI to edit custom HTTP headers. [#17846]
       Elastic: To get fields, start with today's index and go backwards.
       [#22318]
     * Explore: Rich history. [#22570]
     * Graph: canvas's Stroke is executed after loop. [#22610]
     * Graphite: Don't issue empty "select metric" queries. [#22699]
     * Image Rendering: Store render key in remote cache to enable renderer
       to callback to public/load balancer URL when running in HA mode.
       [#22031]
     * LDAP: Add fallback to search_base_dns if group_search_base_dns is
       undefined [#21263]
     * OAuth: Implement Azure AD provide. [#20030]
     * Prometheus: Implement region annotation. [#22225]
     * Prometheus: make \$\_\_range more precise. [#21722]
     * Prometheus: Do not show rate hint when increase function is used in
       query. [#21955]
     * Stackdriver: Project selector. [#22447]
     * TablePanel: display multi-line text. [#20210]
     * Templating: Add new global built-in variables. [#21790]
     * Reporting: add concurrent render limit to settings (Enterprise)
     * Reporting: Add rendering timeout in settings (Enterprise)
     * API: Fix redirect issues. [#22285]
     * Alerting: Don't include image_url field with Slack message if empty.
       [#22372]
     * Alerting: Fix bad background color for default notifications in alert
       tab . [#22660]
     * Annotations: In table panel when setting transform to annotation, they
       will now show up right away without a manual refresh. [#22323]
     * Azure Monitor: Fix app insights source to allow for new timeFrom and
       timeTo. [#21879]
     * BackendSrv: Fix POST body for form data. [#21714]
     * CloudWatch: Credentials cache invalidation fix. [#22473] CloudWatch:
       Expand alias variables when query yields no result [#22695]
     * Dashboard: Fix bug with NaN in alerting. [#22053]
     * Explore: Fix display of multiline logs in log panel and explore.
       [#22057]
     * Heatmap: Legend color range is incorrect when using custom min/max
       [#21748]
     * Security: Fix XSS issue in dashboard history diff. [#22680]
     * StatPanel: Fix base color being used for null values. [#22646]
   - Update to version 6.6.2
     * Data proxy: Log proxy errors using Grafana logger. [#22174]
     * Metrics: Add gauge for requests currently in flight. [#22168]
     * @grafana/ui: Fix displaying of bars in React Graph. [#21968]
     * API: Fix redirect issue when configured to use a subpath. [#21652]
     * API: Improve recovery middleware when response already been written
       [#22256]
     * Auth: Don't rotate auth token when requests are cancelled by client
       [#22106]
     * Elasticsearch: Fix auto interval for date histogram in explore logs
       mode. [#21937]
     * Image Rendering: Fix PhantomJS compatibility with es2016 node
       dependencies. [#21677]
     * Links: Assure base url when single stat, panel and data links are
       built. [#21956]
     * Loki, Prometheus: Fix PromQL and LogQL syntax highlighting. [#21944]
     * OAuth: Enforce auto_assign_org_id setting when role mapping enabled
       using Generic OAuth. [#22268]
     * Prometheus: Updates explore query editor to prevent it from throwing
       error
       on edit. [#21605]
     * Server: Reorder cipher suites for better security. [#22101]
     * TimePicker: fixing weird behavior with calendar when switching between
       months/years. [#22253]
   - Update to version 6.6.1
     * Annotations: Change indices and rewrites annotation find query to
       improve database query performance. [#21915]
     * Azure Monitor: Fix Application Insights API key field to allow input.
       [#21738]
     * BarGauge: Fix so we properly display the "no result" value when query
       returns empty result. [#21791]
     * Datasource: Show access (Browser/Server) select on the Prometheus
       datasource. [#21833]
     * DatasourceSettings: Fix issue navigating away from data source
       settings page. [#21841]
     * Graph Panel: Fix typo in thresholds form. [#21903]
     * Graphite: Fix issue with functions with multiple required params and
       no defaults [#21814]
     * Image Rendering: Fix render of graph panel legend aligned to the right
       using Grafana image renderer plugin/service. [#21854]
     * Metrics: Adds back missing summary quantiles. [#21858]
     * OpenTSDB: Adds back missing ngInject to make it work again. [#21796]
     * Plugins: Fix routing in app plugin pages. [#21847]
     * Prometheus: Fix default step value for annotation query. [#21934]
     * Quota: Makes LDAP + Quota work for the first login of a new user.
       [#21949]
     * StatPanels: Fix change from singlestat to Gauge / BarGauge / Stat
       where default min & max (0, 100) was copied . [#21820]
     * TimePicker: Should display in kiosk mode. [#21816]
     * grafana/toolkit: Fix failing linter when there were lint issues.
       [#21849]
   - Update to version 6.6.0
     * CloudWatch: Add DynamoDB Accelerator (DAX) metrics & dimensions.
       [#21644]
     * CloudWatch: Auto period snap to next higher period. [#21659]
     * Template variables: Add error for failed query variable on time range
       update. [#21731]
     * XSS: Sanitize column link. [#21735]
     * Elasticsearch: Fix adhoc variable filtering for logs query. [#21346]
     * Explore: Fix colors for log level when level value is capitalised.
       [#21646]
     * Explore: Fix context view in logs, where some rows may have been
       filtered
       out. [#21729] Loki: Fix Loki with repeated panels and interpolation
        for Explore. [#21685]
     * SQLStore: Fix PostgreSQL failure to create organisation for first
       time. [#21648]
     * PagerDuty: Change `payload.custom_details` field in PagerDuty
       notification to be a JSON object instead of a string.
     * Security: The `[security]` setting `cookie_samesite` configured to
       `none` now renders cookies with `SameSite=None` attribute.
     * Graphite: Add Metrictank dashboard to Graphite datasource
     * Admin: Show name of user in users table view. [#18108]
     * Alerting: Add configurable severity support for PagerDuty notifier.
       [#19425]
     * Alerting: Add more information to webhook notifications. [#20420]
     * Alerting: Add support for sending tags in OpsGenie notifier. [#20810]
     * Alerting: Added fallbackText to Google Chat notifier. [#21464]
     * Alerting: Adds support for sending a single email to all recipients in
       email notifier. [#21091]
     * Alerting: Enable setting of OpsGenie priority via a tag. [#21298]
     * Alerting: Use fully qualified status emoji in Threema notifier.
       [#21305]
     * Alerting: new min_interval_seconds option to enforce a minimum
       evaluation frequency. [#21188]
     * CloudWatch: Calculate period based on time range. [#21471]
     * CloudWatch: Display partial result in graph when max DP/call limit is
       reached. [#21533]
     * CloudWatch: ECS/ContainerInsights metrics support. [#21125]
     * CloudWatch: Upgrade aws-sdk-go. [#20510]
     * DataLinks: allow using values from other fields in the same row
       (cells). [#21478]
     * Editor: Ignore closing brace when it was added by editor. [#21172]
     * Explore: Context tooltip to copy labels and values from graph. [#21405]
     * Explore: Log message line wrapping options for logs. [#20360]
     * Forms: introduce RadioButtonGroup. [#20828]
     * Frontend: Changes in Redux location should not strip subpath from
       location url. [#20161]
     * Graph: Add fill gradient option to series override line fill. [#20941]
     * Graphite: Add metrictank dashboard to Graphite datasource. [#20776]
     * Graphite: Do not change query when opening the query editor and there
       is no data. [#21588]
     * Gravatar: Use HTTPS by default. [#20964]
     * Loki: Support for template variable queries. [#20697]
     * NewsPanel: Add news as a builtin panel. [#21128]
     * OAuth: Removes send_client_credentials_via_post setting. [#20044]
     * OpenTSDB: Adding lookup limit to OpenTSDB datasource settings. [#20647]
     * Postgres/MySQL/MSSQL: Adds support for region annotations. [#20752]
     * Prometheus: Field to specify step in Explore. [#20195]
     * Prometheus: User metrics metadata to inform query hints. [#21304]
     * Renderer: Add user-agent to remote rendering service requests. [#20956]
     * Security: Add disabled option for cookie samesite attribute. [#21472]
     * Stackdriver: Support meta labels. [#21373]
     * TablePanel, GraphPanel: Exclude hidden columns from CSV. [#19925]
     * Templating: Update variables on location changed. [#21480]
     * Tracing: Support configuring Jaeger client from environment. [#21103]
     * Units: Add currency and energy units. [#20428]
     * Units: Support dynamic count and currency units. [#21279]
     * grafana/toolkit: Add option to override webpack config. [#20872]
     * grafana/ui: ConfirmModal component. [#20965]
     * grafana/ui: Create Tabs component. [#21328]
     * grafana/ui: New table component. [#20991]
     * grafana/ui: New updated time picker. [#20931]
     * White-labeling: Makes it possible to customize the footer and login
       background (Enterprise)
     * API: Optionally list expired API keys. [#20468]
     * Alerting: Fix custom_details to be a JSON object instead of a string
       in PagerDuty notifier. [#21150]
     * Alerting: Fix image rendering and uploading timeout preventing to send
       alert notifications. [#21536]
     * Alerting: Fix panic in dingding notifier. [#20378]
     * Alerting: Fix template query validation logic. [#20721]
     * Alerting: If no permission to clear history, keep the historical data.
       [#19007]
     * Alerting: Unpausing a non-paused alert rule should not change status
       to Unknown. [#21375]
     * Api: Fix returned message when enabling, disabling and deleting a
       non-existing user. [#21391]
     * Auth: Rotate auth tokens at the end of requests. [#21347]
     * Azure Monitor: Fix error when using azure monitor credentials with log
       analytics and non-default cloud. [#21032]
     * CLI: Return error and aborts when plugin file extraction fails.
       [#20849]
     * CloudWatch: Multi-valued template variable dimension alias fix.
       [#21541]
     * Dashboard: Disable draggable panels on small devices. [#20629]
     * DataLinks: Links with \${\_\_value.time} do not work when clicking on
       first result. [#20019]
     * Explore: Fix showing of results in selected timezone (UTC/local).
       [#20812]
     * Explore: Fix timepicker when browsing back after switching datasource.
       [#21454]
     * Explore: Sync timepicker and logs after live-tailing stops. [#20979]
     * Graph: Fix when clicking a plot on a touch device we won't display the
       annotation menu. [#21479]
     * OAuth: Fix role mapping from id token. [#20300]
     * Plugins: Add appSubUrl string to config pages. [#21414]
     * Provisioning: Start provision dashboards after Grafana server have
       started. [#21564]
     * Render: Use https as protocol when rendering if HTTP2 enabled. [#21600]
     * Security: Use same cookie settings for all cookies. [#19787]
     * Singlestat: Support empty value map texts. [#20952]
     * Units: Custom suffix and prefix units can now be specified, for
       example custom currency & SI & time formats. [#20763]
     * grafana/ui: Do not build grafana/ui in strict mode as it depends on
       non-strict libs. [#21319]
   - Update to version 6.5.3
     * API: Validate redirect_to cookie has valid (Grafana) url. [#21057]
     * AdHocFilter: Shows SubMenu when filtering directly from table. [#21017]
     * Cloudwatch: Fix crash when switching from cloudwatch data source.
       [#21376]
     * DataLinks: Sanitize data/panel link URLs. [#21140]
     * Elastic: Fix multiselect variable interpolation for logs. [#20894]
     * Prometheus: allow user to change HTTP Method in config settings.
       [#21055]
     * Prometheus: Prevents validation of inputs when clicking in them
       without changing the value. [#21059]
     * Rendering: Fix panel PNG rendering when using sub url and
       serve_from_sub_path = true. [#21306]
     * Table: Matches column names with unescaped regex characters. [#21164]
   - Update to version 6.5.2
     * Alerting: Improve alert threshold handle dragging behavior. [#20922]
     * AngularPanels: Fix loading spinner being stuck in some rare cases.
       [#20878]
     * CloudWatch: Fix query editor does not render in Explore. [#20909]
     * CloudWatch: Remove illegal character escaping in inferred expressions.
       [#20915]
     * CloudWatch: Remove template variable error message. [#20864]
     * CloudWatch: Use datasource template variable in curated dashboards.
       [#20917]
     * Elasticsearch: Set default port to 9200 in ConfigEditor. [#20948]
     * Gauge/BarGauge: Added support for value mapping of "no data"-state to
       text/value. [#20842]
     * Graph: Prevent tooltip from being displayed outside of window. [#20874]
     * Graphite: Fix error with annotation metric queries. [#20857]
     * Login: Fix fatal error when navigating from reset password page.
       [#20747]
     * MixedDatasources: Do not filter out all mixed data sources in add
       mixed query dropdown. [#20990]
     * Prometheus: Fix caching for default labels request. [#20718]
     * Prometheus: Run default labels query only once. [#20898]
     * Security: Fix invite link still accessible after completion or
       revocation. [#20863]
     * Server: Fail when unable to create log directory. [#20804]
     * TeamPicker: Increase size limit from 10 to 100. [#20882]
     * Units: Remove SI prefix symbol from new milli/microSievert(/h) units.
       [#20650]
   - Update to version 6.5.1
     * CloudWatch: Region template query fix. [#20661]
     * CloudWatch: Fix annotations query editor loading. [#20687]
     * Panel: Fix undefined services/dependencies in plugins without
       `/@ngInject*/`. [#20696]
     * Server: Fix failure to start with "bind: address already in use" when
       using socket as protocol. [#20679]
     * Stats: Fix active admins/editors/viewers stats are counted more than
       once if the user is part of more than one org. [#20711]
   - Update to version 6.5.0
     * CloudWatch: Add curated dashboards for most popular amazon services.
       [#20486]
     * CloudWatch: Enable Min time interval. [#20260]
     * Explore: UI improvements for log details. [#20485]
     * Server: Improve grafana-server diagnostics configuration for profiling
       and tracing. [#20593]
     * BarGauge/Gauge: Add back missing title option field display options.
       [#20616]
     * CloudWatch: Fix high CPU load. [#20579]
     * CloudWatch: Fix high resolution mode without expression. [#20459]
     * CloudWatch: Make sure period variable is being interpreted correctly.
       [#20447]
     * CloudWatch: Remove HighResolution toggle since it's not being used.
       [#20440]
     * Cloudwatch: Fix LaunchTime attribute tag bug. [#20237]
     * Data links: Fix URL field turns read-only for graph panels. [#20381]
     * Explore: Keep logQL filters when selecting labels in log row details.
       [#20570]
     * MySQL: Fix TLS auth settings in config page. [#20501]
     * Provisioning: Fix unmarshaling nested jsonData values. [#20399]
     * Server: Should fail when server is unable to bind port. [#20409]
     * Templating: Prevents crash when \$\_\_searchFilter is not a string.
       [#20526]
     * TextPanel: Fix issue with template variable value not properly html
       escaped [#20588]
     * TimePicker: Should update after location change. [#20466]
     * CloudWatch: use GetMetricsData API for all queries
     * CloudWatch: The GetMetricData API does not return metric unit, so unit
       auto detection in panels is no longer supported.
     * CloudWatch: The `HighRes` switch has been removed from the query
       editor.
     * API: Add `createdAt` and `updatedAt` to api/users/lookup. [#19496]
     * API: Add createdAt field to /api/users/:id. [#19475]
     * Admin: Adds setting to disable creating initial admin user. [#19505]
     * Alerting: Include alert_state in Kafka notifier payload. [#20099]
     * AuthProxy: Can now login with auth proxy and get a login token.
       [#20175]
     * AuthProxy: replaces setting ldap_sync_ttl with sync_ttl. [#20191]
     * AzureMonitor: Alerting for Azure Application Insights. [#19381]
     * Build: Upgrade to Go 1.13. [#19502]
     * CLI: Reduce memory usage for plugin installation. [#19639]
     * CloudWatch: Add ap-east-1 to hard-coded region lists. [#19523]
     * CloudWatch: ContainerInsights metrics support. [#18971]
     * CloudWatch: Support dynamic queries using dimension wildcards [#20058]
     * CloudWatch: Stop using GetMetricStatistics and use GetMetricData for
       all time series requests [#20057]
     * CloudWatch: Convert query editor from Angular to React [#19880]
     * CloudWatch: Convert config editor from Angular to React [#19881]
     * CloudWatch: Improved error handling when throttling occurs [#20348]
     * CloudWatch: Deep linking from Grafana panel to CloudWatch console
       [#20279]
     * CloudWatch: Add Grafana user agent to GMD calls [#20277]
     * Dashboard: Allows the d-solo route to be used without slug. [#19640]
     * Elasticsearch: Adds support for region annotations. [#17602]
     * Explore: Add custom DataLinks on datasource level (like tracing
       links). [#20060]
     * Explore: Add functionality to show/hide query row results. [#19794]
     * Explore: Synchronise time ranges in split mode. [#19274]
     * Explore: UI change for log row details . [#20034]
     * Frontend: Migrate DataSource HTTP Settings to React. [#19452]
     * Frontend: Show browser not supported notification. [#19904]
     * Graph: Added series override option to have hidden series be persisted
       on save. [#20124]
     * Graphite: Add Metrictank option to settings to view Metrictank request
       processing info in new inspect feature. [#20138]
     * LDAP: Enable single user sync. [#19446]
     * LDAP: Last org admin can login but wont be removed. [#20326]
     * LDAP: Support env variable expressions in ldap.toml file. [#20173]
     * OAuth: Generic OAuth role mapping support. [#17149]
     * Prometheus: Custom query parameters string for Thanos downsampling.
       [#19121]
     * Provisioning: Allow saving of provisioned dashboards. [#19820]
     * Security: Minor XSS issue resolved by angularjs upgrade from 1.6.6 ->
       1.6.9. [#19849]
     * TablePanel: Prevents crash when data contains mixed data formats.
       [#20202]
     * Templating: Introduces \$\_\_searchFilter to Query Variables. [#19858]
     * Templating: Made default template variable query editor field a
       textarea with automatic height. [#20288]
     * Units: Add milli/microSievert, milli/microSievert/h and pixels.
       [#20144]
     * Units: Added mega ampere and watt-hour per kg. [#19922]
     * Enterprise: Enterprise without a license behaves like OSS (Enterprise)
     * API: Added dashboardId and slug in response to dashboard import api.
       [#19692]
     * API: Fix logging of dynamic listening port. [#19644]
     * BarGauge: Fix so that default thresholds not keeps resetting. [#20190]
     * CloudWatch: Fix incorrect casing of Redshift dimension entry for
       service class and stage. [#19897]
     * CloudWatch: Fixing AWS Kafka dimension names. [#19986]
     * CloudWatch: Metric math broken when using multi template variables
       [#18337]
     * CloudWatch: Graphs with multiple multi-value dimension variables don't
       work [#17949]
     * CloudWatch: Variables' values surrounded with braces in request sent
       to AWS [#14451]
     * CloudWatch: Cloudwatch Query for a list of instances for which data is
       available in the selected time interval [#12784]
     * CloudWatch: Dimension's positioning/order should be stored in the json
       dashboard [#11062]
     * CloudWatch: Batch CloudWatch API call support in backend [#7991]
     * ColorPicker: Fix issue with ColorPicker disappearing too quickly.
       [#20289]
     * Datasource: Add custom headers on alerting queries. [#19508] plugins
       in alpine. [#20214]
     * Elasticsearch: Fix template variables interpolation when redirecting
       to Explore. [#20314]
     * Elasticsearch: Support rendering in logs panel. [#20229]
     * Explore: Expand template variables when redirecting from dashboard
       panel. [#19582]
     * OAuth: Make the login button display name of custom OAuth provider.
       [#20209]
     * ReactPanels: Adds Explore menu item. [#20236]
     * Team Sync: Fix URL encode Group IDs for external team sync. [#20280]
   - Update to version 6.4.5
     * CloudWatch: Fix high CPU load [#20579]
   - Update to version 6.4.4
     * MySQL: Fix encoding in connection string [#20192]
     * DataLinks: Fix blur issues. [#19883]
     * LDAP: try all LDAP servers even if one returns a connection error.
       [#20077]
     * LDAP: No longer shows incorrectly matching groups based on role in
       debug page. [#20018]
     * Singlestat: Fix no data / null value mapping . [#19951]
   - Update to version 6.4.3
     * Alerting: All notification channels should send even if one fails to
       send. [#19807]
     * AzureMonitor: Fix slate interference with dropdowns. [#19799]
     * ContextMenu: make ContextMenu positioning aware of the viewport width.
       [#19699]
     * DataLinks: Fix context menu not showing in singlestat-ish
       visualisations. [#19809]
     * DataLinks: Fix url field not releasing focus. [#19804]
     * Datasource: Fix issue where clicking outside of some query editors
       required 2 clicks. [#19822]
     * Panels: Fix default tab for visualizations without Queries Tab.
       [#19803]
     * Singlestat: Fix issue with mapping null to text. [#19689]
     * @grafana/toolkit: Don't fail plugin creation when git user.name config
       is not set. [#19821]
     * @grafana/toolkit: TSLint line number off by 1. [#19782]
   - Update to version  6.4.2
     * CloudWatch: Changes incorrect dimension wmlid to wlmid . [#19679]
     * Grafana Image Renderer: Fix plugin page. [#19664]
     * Graph: Fix auto decimals logic for y axis ticks that results in too
       many decimals for high values. [#19618]
     * Graph: Switching to series mode should re-render graph. [#19623]
     * Loki: Fix autocomplete on label values. [#19579]
     * Loki: Removes live option for logs panel. [#19533]
     * Profile: Fix issue with user profile not showing more than sessions
       sessions in some cases. [#19578]
     * Prometheus: Always sort results in Panel by query order. [#19597]
     * Show SAML login button if SAML is enabled. [#19591]
     * SingleStat: Fix $__name postfix/prefix usage. [#19687]
     * Table: Proper handling of json data with dataframes. [#19596]
     * Units: Fix wrong id for Terabits/sec. [#19611]
   - Update to version 6.4.1
     * Provisioning: Fix issue where empty nested keys in YAML provisioning
       caused server crash, [#19547]
   - Update to version 6.4.0
     * Build: Upgrade go to 1.12.10. [#19499]
     * DataLinks: Suggestions menu improvements. [#19396]
     * Explore: Take root_url setting into account when redirecting from
       dashboard to explore. [#19447]
     * Explore: Update broken link to logql docs. [#19510]
     * Logs: Adds Logs Panel as a visualization. [#19504]
     * Reporting: Generate and email PDF reports based on Dashboards
       (Enterprise)
     * CLI: Fix version selection for plugin install. [#19498]
     * Graph: Fix minor issue with series override color picker and custom
       color. [#19516]
     * Splunk plugin needs to be updated when upgrading from 6.3 to 6.4
     * Azure Monitor: Remove support for cross resource queries (#19115)".
       [#19346]
     * Graphite: Time range expansion reduced from 1 minute to 1 second.
       [#19246]
     * grafana/toolkit: Add plugin creation task. [#19207]
     * Alerting: Prevents creating alerts from unsupported queries. [#19250]
     * Alerting: Truncate PagerDuty summary when greater than 1024
       characters. [#18730]
     * Cloudwatch: Fix autocomplete for Gamelift dimensions. [#19146]
     * Dashboard: Fix export for sharing when panels use default data source.
       [#19315]
     * Database: Rewrite system statistics query to perform better. [#19178]
     * Gauge/BarGauge: Fix issue with [object Object] in titles . [#19217]
     * MSSQL: Revert usage of new connectionstring format introduced by
       #18384. [#19203]
     * Multi-LDAP: Do not fail-fast on invalid credentials. [#19261]
     * MySQL, Postgres, MSSQL: Fix validating query with template variables
       in alert. [#19237]
     * MySQL, Postgres: Update raw sql when query builder updates. [#19209]
     * MySQL: Limit datasource error details returned from the backend.
       [#19373]
     * Reporting: Created scheduled PDF reports for any dashboard
       (Enterprise).
     * API: Readonly datasources should not be created via the API. [#19006]
     * Alerting: Include configured AlertRuleTags in Webhooks notifier.
       [#18233]
     * Annotations: Add annotations support to Loki. [#18949]
     * Annotations: Use a single row to represent a region. [#17673]
     * Auth: Allow inviting existing users when login form is disabled.
       [#19048]
     * Azure Monitor: Add support for cross resource queries. [#19115]
     * CLI: Allow installing custom binary plugins. [#17551]
     * Dashboard: Adds Logs Panel (alpha) as visualization option for
       Dashboards. [#18641]
     * Dashboard: Reuse query results between panels . [#16660]
     * Dashboard: Set time to to 23:59:59 when setting To time using
       calendar. [#18595]
     * DataLinks: Add DataLinks support to Gauge, BarGauge and stat panel.
       [#18605]
     * DataLinks: Enable access to labels & field names. [#18918]
     * DataLinks: Enable multiple data links per panel. [#18434]
     * Elasticsearch: allow templating queries to order by doc_count. [#18870]
     * Explore: Add throttling when doing live queries. [#19085]
     * Explore: Adds ability to go back to dashboard, optionally with query
       changes. [#17982]
     * Explore: Reduce default time range to last hour. [#18212]
     * Gauge/BarGauge: Support decimals for min/max. [#18368]
     * Graph: New series override transform constant that renders a single
       point as a line across the whole graph. [#19102]
     * Image rendering: Add deprecation warning when PhantomJS is used for
       rendering images. [#18933]
     * InfluxDB: Enable interpolation within ad-hoc filter values. [#18077]
     * LDAP: Allow an user to be synchronized against LDAP. [#18976]
     * Ldap: Add ldap debug page. [#18759]
     * Loki: Remove prefetching of default label values. [#18213]
     * Metrics: Add failed alert notifications metric. [#18089]
     * OAuth: Support JMES path lookup when retrieving user email. [#14683]
     * OAuth: return GitLab groups as a part of user info (enable team sync).
       [#18388]
     * Panels: Add unit for electrical charge - ampere-hour. [#18950]
     * Plugin: AzureMonitor - Reapply MetricNamespace support. [#17282]
     * Plugins: better warning when plugins fail to load. [#18671]
     * Postgres: Add support for scram sha 256 authentication. [#18397]
     * RemoteCache: Support SSL with Redis. [#18511]
     * SingleStat: The gauge option in now disabled/hidden (unless it's an
       old panel with it already enabled) . [#18610]
     * Stackdriver: Add extra alignment period options. [#18909]
     * Units: Add South African Rand (ZAR) to currencies. [#18893]
     * Units: Adding T,P,E,Z,and Y bytes. [#18706]
     * Alerting: Notification is sent when state changes from no_data to ok.
       [#18920]
     * Alerting: fix duplicate alert states when the alert fails to save to
       the database. [#18216]
     * Alerting: fix response popover prompt when add notification channels.
       [#18967]
     * CloudWatch: Fix alerting for queries with Id (using GetMetricData).
       [#17899]
     * Explore: Fix auto completion on label values for Loki. [#18988]
     * Explore: Fix crash using back button with a zoomed in graph. [#19122]
     * Explore: only run queries in Explore if Graph/Table is shown. [#19000]
     * MSSQL: Change connectionstring to URL format to fix using passwords
       with semicolon. [#18384]
     * MSSQL: Fix memory leak when debug enabled. [#19049]
     * Provisioning: Allow escaping literal '$' with '$\$' in configs to
       avoid interpolation. [#18045]
     * TimePicker: Fix hiding time picker dropdown in FireFox. [#19154]
     * Various breaking changes in the annotations HTTP API for region
       annotations.
   - Update to version 6.3.7
     * CloudWatch: Fix high CPU load [#20579]
   - Update to version 6.3.6
     * Metrics: Adds setting for turning off total stats metrics. [#19142]
     * Database: Rewrite system statistics query to perform better. [#19178]
     * Explore: Fix error when switching from prometheus to loki data
       sources. [#18599]
   - Update to version 6.3.5
     * Dashboard: Fix dashboards init failed loading error for dashboards
       with panel links that had missing properties. [#18786]
     * Editor: Fix issue where only entire lines were being copied. [#18806]
     * Explore: Fix query field layout in splitted view for Safari browsers.
       [#18654]
     * LDAP: multildap + ldap integration. [#18588]
     * Profile/UserAdmin: Fix for user agent parser crashes grafana-server on
       32-bit builds. [#18788]
     * Prometheus: Prevents panel editor crash when switching to Prometheus
       data source. [#18616]
     * Prometheus: Changes brace-insertion behavior to be less annoying.
       [#18698]
   - Update to version 6.3.4
     * Annotations: Fix failing annotation query when time series query is
       cancelled. [#18532]
     * Auth: Do not set SameSite cookie attribute if cookie_samesite is none.
       [#18462]
     * DataLinks: Apply scoped variables to data links correctly. [#18454]
     * DataLinks: Respect timezone when displaying datapoint's timestamp in
       graph context menu. [#18461]
     * DataLinks: Use datapoint timestamp correctly when interpolating
       variables. [#18459]
     * Explore: Fix loading error for empty queries. [#18488]
     * Graph: Fix legend issue clicking on series line icon and issue with
       horizontal scrollbar being visible on windows. [#18563]
     * Graphite: Avoid glob of single-value array variables . [#18420]
     * Prometheus: Fix queries with label_replace remove the \$1 match when
       loading query editor. [#18480]
     * Prometheus: More consistently allows for multi-line queries in editor.
       [#18362]
     * TimeSeries: Assume values are all numbers. [#18540]
   - Update to version 6.3.2
     * Gauge/BarGauge: Fix issue with lost thresholds and an issue loading
       Gauge with avg stat. [#18375]
   - Update to version 6.3.1
     * PanelLinks: Fix crash issue with Gauge & Bar Gauge panels with panel
       links (drill down links). [#18430]
   - Update to version 6.3.0
     * OAuth: Do not set SameSite OAuth cookie if cookie_samesite is None.
       [#18392]
     * PanelLinks: Fix render issue when there is no panel description.
       [#18408]
     * Auth Proxy: Include additional headers as part of the cache key.
       [#18298]
     * OAuth: Fix "missing saved state" OAuth login failure due to SameSite
       cookie policy. [#18332]
     * cli: fix for recognizing when in dev mode.. [#18334]
     * Build grafana images consistently. [#18224]
     * Docs: SAML. [#18069]
     * Permissions: Show plugins in nav for non admin users but hide plugin
       configuration. [#18234]
     * TimePicker: Increase max height of quick range dropdown. [#18247]
     * DataLinks: Fix incorrect interpolation of \${\_\_series_name} .
       [#18251]
     * Loki: Display live tailed logs in correct order in Explore. [#18031]
     * PhantomJS: Fix rendering on Debian Buster. [#18162]
     * TimePicker: Fix style issue for custom range popover. [#18244]
     * Timerange: Fix a bug where custom time ranges didn't respect UTC.
       [#18248]
     * remote_cache: Fix redis connstr parsing. [#18204]
     * Alerting: Add tags to alert rules. [#10989]
     * Alerting: Attempt to send email notifications to all given email
       addresses. [#16881]
     * Alerting: Improve alert rule testing. [#16286]
     * Alerting: Support for configuring content field for Discord alert
       notifier. [#17017]
     * Alertmanager: Replace illegal chars with underscore in label names.
       [#17002]
     * Auth: Allow expiration of API keys. [#17678]
     * Auth: Return device, os and browser when listing user auth tokens in
       HTTP API. [#17504]
     * Auth: Support list and revoke of user auth tokens in UI. [#17434]
     * AzureMonitor: change clashing built-in Grafana variables/macro names
       for Azure Logs. [#17140]
     * CloudWatch: Made region visible for AWS Cloudwatch Expressions.
       [#17243]
     * Cloudwatch: Add AWS DocDB metrics. [#17241]
     * Dashboard: Use timezone dashboard setting when exporting to CSV.
       [#18002]
     * Data links. [#17267]
     * Elasticsearch: Support for visualizing logs in Explore . [#17605]
     * Explore: Adds Live option for supported data sources. [#17062]
     * Explore: Adds orgId to URL for sharing purposes. [#17895]
     * Explore: Adds support for new loki 'start' and 'end' params for labels
       endpoint. [#17512]
     * Explore: Adds support for toggling raw query mode in explore. [#17870]
     * Explore: Allow switching between metrics and logs . [#16959]
     * Explore: Combines the timestamp and local time columns into one.
       [#17775]
     * Explore: Display log lines context . [#17097]
     * Explore: Don't parse log levels if provided by field or label. [#17180]
     * Explore: Improves performance of Logs element by limiting
       re-rendering. [#17685]
     * Explore: Support for new LogQL filtering syntax. [#16674]
     * Explore: Use new TimePicker from Grafana/UI. [#17793]
     * Explore: handle newlines in LogRow Highlighter. [#17425]
     * Graph: Added new fill gradient option. [#17528]
     * GraphPanel: Don't sort series when legend table & sort column is not
       visible. [#17095]
     * InfluxDB: Support for visualizing logs in Explore. [#17450]
     * Logging: Login and Logout actions (#17760). [#17883]
     * Logging: Move log package to pkg/infra. [#17023]
     * Metrics: Expose stats about roles as metrics. [#17469]
     * MySQL/Postgres/MSSQL: Add parsing for day, weeks and year intervals in
       macros. [#13086]
     * MySQL: Add support for periodically reloading client certs. [#14892]
     * Plugins: replace dataFormats list with skipDataQuery flag in
       plugin.json. [#16984]
     * Prometheus: Take timezone into account for step alignment. [#17477]
     * Prometheus: Use overridden panel range for \$\_\_range instead of
       dashboard range. [#17352]
     * Prometheus: added time range filter to series labels query. [#16851]
     * Provisioning: Support folder that doesn't exist yet in dashboard
       provisioning. [#17407]
     * Refresh picker: Handle empty intervals. [#17585]
     * Singlestat: Add y min/max config to singlestat sparklines. [#17527]
     * Snapshot: use given key and deleteKey. [#16876]
     * Templating: Correctly display __text in multi-value variable after
       page reload. [#17840]
     * Templating: Support selecting all filtered values of a multi-value
       variable. [#16873]
     * Tracing: allow propagation with Zipkin headers. [#17009]
     * Users: Disable users removed from LDAP. [#16820]
     * SAML: Add SAML as an authentication option (Enterprise)
     * AddPanel: Fix issue when removing moved add panel widget . [#17659]
     * CLI: Fix encrypt-datasource-passwords fails with sql error. [#18014]
     * Elasticsearch: Fix default max concurrent shard requests. [#17770]
     * Explore: Fix browsing back to dashboard panel. [#17061]
     * Explore: Fix filter by series level in logs graph. [#17798]
     * Explore: Fix issues when loading and both graph/table are collapsed.
       [#17113]
     * Explore: Fix selection/copy of log lines. [#17121]
     * Fix: Wrap value of multi variable in array when coming from URL.
       [#16992]
     * Frontend: Fix for Json tree component not working. [#17608]
     * Graphite: Fix for issue with alias function being moved last. [#17791]
     * Graphite: Fix issue with seriesByTag & function with variable param.
       [#17795]
     * Graphite: use POST for /metrics/find requests. [#17814]
     * HTTP Server: Serve Grafana with a custom URL path prefix. [#17048]
     * InfluxDB: Fix single quotes are not escaped in label value filters.
       [#17398]
     * Prometheus: Correctly escape '|' literals in interpolated PromQL
       variables. [#16932]
     * Prometheus: Fix when adding label for metrics which contains colons in
       Explore. [#16760]
     * SinglestatPanel: Remove background color when value turns null.
       [#17552]
   - Update to version 6.2.5
     * Grafana-CLI: Wrapper for `grafana-cli` within RPM/DEB packages and
       config/homepath are now global flags. [#17695]
     * Panel: Fully escape html in drilldown links (was only sanitized
       before). [#17731]
     * Config: Fix connectionstring for remote_cache in defaults.ini. [#17675]
     * Elasticsearch: Fix empty query (via template variable) should be sent
       as wildcard. [#17488]
     * HTTP-Server: Fix Strict-Transport-Security header. [#17644]
     * TablePanel: fix annotations display. [#17646]
   - Update to version 6.2.4
     * Grafana-CLI: Fix receiving flags via command line . [#17617]
     * HTTPServer: Fix X-XSS-Protection header formatting. [#17620]
   - Update to version 6.2.3
     * AuthProxy: Optimistic lock pattern for remote cache Set. [#17485]
     * HTTPServer: Options for returning new headers X-Content-Type-Options,
       X-XSS-Protection and Strict-Transport-Security. [#17522]
     * Auth Proxy: Fix non-negative cache TTL. [#17495]
     * Grafana-CLI: Fix receiving configuration flags from the command line.
       [#17606]
     * OAuth: Fix for wrong user token updated on OAuth refresh in DS proxy.
       [#17541]
     * remote_cache: Fix redis. [#17483]
   - Update to version 6.2.2
     * Security: Prevent CSV formula injection attack when exporting data.
       [#17363]
     * CloudWatch: Fix error when hiding/disabling queries. [#17283]
     * Database: Fix slow permission query in folder/dashboard search.
       [#17427]
     * Explore: Fix updating time range before running queries. [#17349]
     * Plugins: Fix plugin config page navigation when using subpath. [#17364]
   - Update to version 6.2.1
     * CLI: Add command to migrate all data sources to use encrypted password
       fields . [#17118]
     * Gauge/BarGauge: Improvements to auto value font size . [#17292]
     * Auth Proxy: Resolve database is locked errors. [#17274]
     * Database: Retry transaction if sqlite returns database is locked
       error. [#17276]
     * Explore: Fix filtering query by clicked value when a Prometheus Table
       is clicked. [#17083]
     * Singlestat: Fix issue with value placement and line wraps. [#17249]
     * Tech: Update jQuery to 3.4.1 to fix issue on iOS 10 based browsers as
       well as Chrome 53.x. [#17290]
   - Update to version 6.2.0
     * BarGauge: Fix for negative min values. [#17192]
     * Gauge/BarGauge: Fix for issues editing min & max options. [#17174]
     * Search: Make only folder name only open search with current folder
       filter. [#17226]
     * AzureMonitor: Revert to clearing chained dropdowns. [#17212]
     * Data source plugins that process hidden queries need to add a
       "hiddenQueries: true" attribute in plugin.json. [#17124]
     * Plugins: Support templated urls in plugin routes. [#16599]
     * Packaging: New MSI windows installer package\*\*. [#17073]
     * Dashboard: Fix blank dashboard after window resize with panel without
       title. [#16942]
     * Dashboard: Fix lazy loading & expanding collapsed rows on mobile.
       [#17055]
     * Dashboard: Fix scrolling issues for Edge browser. [#17033]
     * Dashboard: Show refresh button in first kiosk(tv) mode. [#17032]
     * Explore: Fix empty result from data source should render logs
       container. [#16999]
     * Explore: Filter query by clicked value when clicking in a Prometheus
       Table [#17083]
     * Explore: Makes it possible to zoom in Explore/Loki/Graph without
       exception. [#16991]
     * Gauge: Fix orientation issue after switching from BarGauge to Gauge.
       [#17064]
     * GettingStarted: Fix layout issues in getting started panel. [#16941]
     * InfluxDB: Fix HTTP method should default to GET. [#16949]
     * Panels: Fix alert icon position in panel header. [#17070]
     * Panels: Fix panel error tooltip not showing. [#16993]
     * Plugins: Fix how datemath utils are exposed to plugins. [#16976]
     * Singlestat: fixed centering issue for very small panels. [#16944]
     * Search: Scroll issue in dashboard search in latest Chrome. [#17054]
     * Gauge: Adds background shade to gauge track and improves height usage.
       [#17019]
     * RemoteCache: Avoid race condition in Set causing error on insert. .
       [#17082]
     * Admin: Add more stats about roles. [#16667]
     * Alert list panel: Support variables in filters. [#16892]
     * Alerting: Adjust label for send on all alerts to default . [#16554]
     * Alerting: Makes timeouts and retries configurable. [#16259]
     * Alerting: No notification when going from no data to pending. [#16905]
     * Alerting: Pushover alert, support for different sound for OK. [#16525]
     * Auth: Enable retries and transaction for some db calls for auth
       tokens. [#16785]
     * AzureMonitor: Adds support for multiple subscriptions per data source.
       [#16922]
     * Bar Gauge: New multi series enabled gauge like panel with horizontal
       and vertical layouts and 3 display modes. [#16918]
     * Build: Upgrades to golang 1.12.4. [#16545]
     * CloudWatch: Update AWS/IoT metric and dimensions. [#16337]
     * Config: Show user-friendly error message instead of stack trace.
       [#16564]
     * Dashboard: Enable filtering dashboards in search by current folder.
       [#16790]
     * Dashboard: Lazy load out of view panels . [#15554]
     * DataProxy: Restore Set-Cookie header after proxy request. [#16838]
     * Data Sources: Add pattern validation for time input on data source
       config pages. [#16837]
     * Elasticsearch: Add 7.x version support. [#16646]
     * Explore: Adds reconnect for failing data source. [#16226]
     * Explore: Support user timezone. [#16469]
     * InfluxDB: Add support for POST HTTP verb. [#16690]
     * Loki: Search is now case insensitive. [#15948]
     * OAuth: Update jwt regexp to include `=`. [#16521]
     * Panels: No title will no longer make panel header take up space.
       [#16884]
     * Prometheus: Adds tracing headers for Prometheus datasource. [#16724]
     * Provisioning: Add API endpoint to reload provisioning configs. [#16579]
     * Provisioning: Do not allow deletion of provisioned dashboards. [#16211]
     * Provisioning: Interpolate env vars in provisioning files. [#16499]
     * Provisioning: Support FolderUid in Dashboard Provisioning Config.
       [#16559]
     * Security: Add new setting allow_embedding. [#16853]
     * Security: Store data source passwords encrypted in secureJsonData.
       [#16175]
     * UX: Improve Grafana usage for smaller screens. [#16783]
     * Units: Add angle units, Arc Minutes and Seconds. [#16271]
     * CloudWatch: Fix query order not affecting series ordering & color.
       [#16408]
     * CloudWatch: Use default alias if there is no alias for metrics.
       [#16732]
     * Config: Fix bug where timeouts for alerting was not parsed correctly.
       [#16784]
     * Elasticsearch: Fix view percentiles metric in table without date
       histogram. [#15686]
     * Explore: Prevents histogram loading from killing Prometheus instance.
       [#16768]
     * Graph: Allow override decimals to fully override. [#16414]
     * Mixed Data Source: Fix error when one query is disabled. [#16409]
     * Search: Fix search limits and add a page parameter. [#16458]
     * Security: Responses from backend should not be cached. [#16848]
     * Gauge Panel: The suffix / prefix options have been removed from the
       new Gauge Panel (introduced in v6.0). [#16870]
   - Update to version 6.1.6
     * Security: Bump jQuery to 3.4.0 . [#16761]
     * Playlist: Fix loading dashboards by tag. [#16727]
   - Update to version 6.1.4
     * DataPanel: Added missing built-in interval variables to scopedVars.
       [#16556]
     * Explore: Adds maxDataPoints to data source query options . [#16513]
     * Explore: Recalculate intervals on run query. [#16510]
     * Heatmap: Fix for empty graph when panel is too narrow (#16378).
       [#16460]
     * Heatmap: Fix auto decimals when bucket name is not number. [#16609]
     * QueryInspector: Now shows error responses again. [#16514]
   - Update to version 6.1.3
     * Graph: Fix auto decimals in legend values for some units like `ms` and
       `s`. [#16455]
     * Graph: Fix png rendering with legend to the right. [#16463]
     * Singlestat: Use decimals when manually specified. [#16451]
     * Fix broken UI switches: Default Data Source switch, Explore Logs
       switches, Gauge option switches. [#16303]
   - Update to version 6.1.2
     * Graph: Fix series legend color for hidden series. [#16438]
     * Graph: Fix tooltip highlight on white theme. [#16429]
     * Styles: Fix menu hover highlight border. [#16431]
     * Singlestat Panel: Correctly use the override decimals. [#16413]
   - Update to version 6.1.1
     * Graphite: Editing graphite query function now works again. [#16390]
     * Playlist: Kiosk & auto fit panels modes are working normally again .
       [#16403]

     * QueryEditors: Toggle edit mode now always work on slower computers.
       [#16394]
   - Update to version 6.1.0
     * CloudWatch: Fix for dimension value list when changing dimension key.
       [#16356]
     * Graphite: Editing function arguments now works again. [#16297]
     * InfluxDB: Fix tag names with periods in alert evaluation. [#16255]
     * PngRendering: Fix for panel height & title centering . [#16351]
     * Templating: Fix for editing query variables. [#16299]
     * Prometheus: adhoc filter support [#8253]
     * Permissions: Editors can become admin for dashboards, folders and
       teams they create. [#15977]
     * Alerting: Don't include non-existing image in MS Teams notifications.
       [#16116]
     * Api: Invalid org invite code [#10506]
     * Annotations: Fix for native annotations filtered by template variable
       with pipe. [#15515]
     * Dashboard: Fix for time regions spanning across midnight. [#16201]
     * Data Source: Handles nil jsondata field gracefully [#14239]
     * Data Source: Empty user/password was not updated when updating data
       sources [#15608]
     * Elasticsearch: Fix using template variables in the alias field.
       [#16229]
     * Elasticsearch: Fix incorrect index pattern padding in alerting
       queries. [#15892]
     * Explore: Fix for Prometheus autocomplete not working in Firefox.
       [#16192]
     * Explore: Fix for url does not keep query after browser refresh.
       [#16189]
     * Gauge: Interpolate scoped variables in repeated gauges [#15739]
     * Graphite: Fix issue with using series ref and series by tag. [#16111]
     * Graphite: Fix variable quoting when variable value is numeric. [#16149]
     * Heatmap: Fix Y-axis tick labels being in wrong order for some
       Prometheus queries. [#15932]
     * Heatmap: Negative values are now displayed correctly in graph &
       legend. [#15953]
     * Heatmap: legend shows wrong colors for small values [#14019]
     * InfluxDB: Always close request body even for error status codes.
       [#16207]
     * ManageDashboards: Fix for checkboxes not appearing properly Firefox .
       [#15981]
     * Playlist: Leaving playlist now always stops playlist . [#15791]
     * Prometheus: fixes regex ad-hoc filters variables with wildcards.
       [#16234]
     * TablePanel: Column color style now works even after removing columns.
       [#16227]
     * TablePanel: Fix for white text on white background when value is null.
       [#16199]
   - Update to version 6.0.2
     * Alerting: Fix issue with AlertList panel links resulting in panel not
       found errors. [#15975]
     * Dashboard: Improved error handling when rendering dashboard panels.
       [#15970]
     * LDAP: Fix allow anonymous server bind for ldap search. [#15872]
     * Discord: Fix discord notifier so it doesn't crash when there are no
       image generated. [#15833]
     * Panel Edit: Prevent search in VizPicker from stealing focus. [#15802]
     * Data Source admin: Fix url of back button in data source edit page,
       when root_url configured. [#15759]
   - Update to version 6.0.1
     * Metrics: Fix broken usagestats metrics for /metrics [#15651]
     * Dashboard: append &kiosk to the url in Kiosk mode [#15765]
     * Dashboard: respect header in kiosk=tv mode with autofitpanels [#15650]
     * Image rendering: Fix image rendering issue for dashboards with auto
       refresh. [#15818]
     * Dashboard: Fix only users that can edit a dashboard should be able to
       update panel json. [#15805]
     * LDAP: fix allow anonymous initial bind for ldap search. [#15803]
     * UX: ixed scrollbar not visible initially (only after manual scroll).
       [#15798]
     * Data Source admin TestData [#15793]
     * Dashboard: Fix scrolling issue that caused scroll to be locked to
       bottom. [#15792]
     * Explore: Viewers with viewers_can_edit should be able to access
       /explore. [#15787]
     * Security fix: limit access to org admin and alerting pages. [#15761]
     * Panel Edit minInterval changes did not persist [#15757]
     * Teams: Fix bug when getting teams for user. [#15595]
     * Stackdriver: fix for float64 bounds for distribution metrics [#14509]
     * Stackdriver: no reducers available for distribution type [#15179]
   - Update to version 6.0.0
     * Dashboard: fixes click after scroll in series override menu [#15621]
     * MySQL: fix mysql query using \_interval_ms variable throws error
       [#14507]
     * Influxdb: Add support for alerting on InfluxDB queries that use the
       non_negative_difference function [#15415]
     * Alerting: Fix percent_diff calculation when points are nulls [#15443]
     * Alerting: Fix handling of alert urls with true flags [#15454]
     * AzureMonitor: Enable alerting by converting Azure Monitor API to Go
       [#14623]
     * Security: Fix CSRF Token validation for POSTs [#1441]
     * Internal Metrics Edition has been added to the build_info metric. This
       will break any Graphite queries using this metric. Edition will be a
       new label for the Prometheus metric. [#15363]
     * Gauge: Fix issue with gauge requests being cancelled [#15366]
     * Gauge: Accept decimal inputs for thresholds [#15372]
     * UI: Fix error caused by named colors that are not part of named colors
       palette [#15373]
     * Search: Bug pressing special regexp chars in input fields [#12972]
     * Permissions: No need to have edit permissions to be able to "Save as"
       [#13066]
     * Alerting: Adds support for Google Hangouts Chat notifications [#11221]
     * Elasticsearch: Support bucket script pipeline aggregations [#5968]
     * Influxdb: Add support for time zone (`tz`) clause [#10322]
     * Snapshots: Enable deletion of public snapshot [#14109]
     * Provisioning: Provisioning support for alert notifiers [#10487]
     * Explore: A whole new way to do ad-hoc metric queries and exploration.
       Split view in half and compare metrics & logs.
     * Auth: Replace remember me cookie solution for Grafana's builtin, LDAP
       and OAuth authentication with a solution based on short-lived tokens
       [#15303]
     * Search: Fix for issue with scrolling the "tags filter" dropdown, fixes
       [#14486]
     * Prometheus: fix annotation always using 60s step regardless of
       dashboard range [#14795]
     * Annotations: Fix creating annotation when graph panel has no data
       points position the popup outside viewport [#13765]
     * Piechart/Flot: Fix multiple piechart instances with donut bug [#15062]
     * Postgres: Fix default port not added when port not configured [#15189]
     * Alerting: Fix crash bug when alert notifier folders are missing
       [#15295]
     * Dashboard: Fix save provisioned dashboard modal [#15219]
     * Dashboard: Fix having a long query in prometheus dashboard query editor
     * blocks 30% of the query field when on OSX and having native scrollbars
       [#15122]
     * Explore: Fix issue with wrapping on long queries [#15222]
     * Explore: Fix cut & paste adds newline before and after selection
       [#15223]
     * Dataproxy: Fix global data source proxy timeout not added to correct
       http client [#15258]
     * Text Panel: The text panel does no longer by default allow unsanitized
       HTML. [#4117]
     * Dashboard: Panel property `minSpan` replaced by `maxPerRow`. Dashboard
     * migration will automatically migrate all dashboard panels using the
       `minSpan` property to the new `maxPerRow` property [#12991]
   - Update to version 5.4.3
     * MySQL only update session in mysql database when required [#14540]
     * Alerting Invalid frequency causes division by zero in alert scheduler
       [#14810]
     * Dashboard Dashboard links do not update when time range changes
       [#14493]
     * Limits Support more than 1000 data sources per org [#13883]
     * Backend fix signed in user for orgId=0 result should return active org
       id [#14574]
     * Provisioning Adds orgId to user dto for provisioned dashboards [#14678]
   - Update to version 5.4.2
     * Data Source admin: Fix for issue creating new data source when same
       name exists [#14467]
     * OAuth: Fix for oauth auto login setting, can now be set using env
       variable [#14435]
   - Update to version 5.4.1
     * Stackdriver: Fix issue with data proxy and Authorization header
       [#14262]
     * Units: fixedUnit for Flow:l/min and mL/min [#14294]
     * Logging: Fix for issue where data proxy logged a secret when debug
       logging was enabled, now redacted. [#14319]
     * TSDB: Fix always take dashboard timezone into consideration when
       handle custom time ranges: Add support for alerting on InfluxDB
       queries that use the cumulative_sum function. [#14314]
     * Embedded Graphs: Iframe graph panels should now work as usual. [#14284]
     * Postgres: Improve PostgreSQL Query Editor if using different Schemas,
       [#14313]
     * Quotas: Fix updating org & user quotas. [#14347]
     * Cloudwatch: Add the AWS/SES Cloudwatch metrics of BounceRate and
       ComplaintRate to auto complete list. [#14401]
     * Dashboard Search: Fix filtering by tag issues.
     * Graph: Fix time region issues, [#14425]
   - Update to version 5.4.0
     * Cloudwatch: Fix invalid time range causes segmentation fault [#14150]
     * Cloudwatch: AWS/CodeBuild metrics and dimensions [#14167]
     * MySQL: Fix `$__timeFrom()` and `$__timeTo()` should respect local time
       zone [#14228]
     * Graph: Fix legend always visible even if configured to be hidden
       [#14144]
     * Elasticsearch: Fix regression when using data source version 6.0+ and
       alerting [#14175]
     * Alerting: Introduce alert debouncing with the `FOR` setting. [#7886]
     * Alerting: Option to disable OK alert notifications [#12330]
     * Postgres/MySQL/MSSQL: Adds support for configuration of max open/idle
       connections and connection max lifetime. Also, panels with multiple
       SQL queries will now be executed concurrently [#11711]
     * MySQL: Graphical query builder [#13762]
     * MySQL: Support connecting thru Unix socket for MySQL data source
       [#12342]
     * MSSQL: Add encrypt setting to allow configuration of how data sent
       between client and server are encrypted [#13629]
     * Stackdriver: Not possible to authenticate using GCE metadata server
       [#13669]
     * Teams: Team preferences (theme, home dashboard, timezone) support
       [#12550]
     * Graph: Time regions support enabling highlight of weekdays and/or
       certain timespans [#5930]
     * OAuth: Automatic redirect to sign-in with OAuth [#11893]
     * Stackdriver: Template query editor [#13561]
     * Security: Upgrade macaron session package to fix security issue.
       [#14043]
     * Postgres/MySQL/MSSQL data sources now per default uses `max open
       connections` = `unlimited` (earlier 10), `max idle connections` = `2`
       (earlier 10) and `connection max lifetime` = `4` hours (earlier
       unlimited).
   - Update to version 5.3.4
     * Alerting: Delete alerts when parent folder was deleted [#13322]
     * MySQL: Fix `$__timeFilter()` should respect local time zone [#13769]
     * Dashboard: Fix data source selection in panel by enter key [#13932]
     * Graph: Fix table legend height when positioned below graph and using
       Internet Explorer 11 [#13903]
     * Dataproxy: Drop origin and referer http headers [#13328]
   - Update to version 5.3.3
     * Fix file exfiltration vulnerability
   - Update to version 5.3.2
     * InfluxDB/Graphite/Postgres: Prevent XSS in query editor [#13667]
     * Postgres: Fix template variables error [#13692]
     * Cloudwatch: Fix service panic because of race conditions [#13674]
     * Cloudwatch: Fix check for invalid percentile statistics [#13633]
     * Stackdriver/Cloudwatch: Allow user to change unit in graph panel if
       cloudwatch/stackdriver data source response doesn't include unit
       [#13718]
     * Stackdriver: stackdriver user-metrics duplicated response when
       multiple resource types [#13691]
     * Variables: Fix text box template variable doesn't work properly
       without a default value [#13666]
     * Variables: Fix variable dependency check when using `${var}` format
       [#13600]
     * Dashboard: Fix kiosk=1 url parameter should put dashboard in kiosk
       mode [#13764]
     * LDAP: Fix super admins can also be admins of orgs [#13710]
     * Provisioning: Fix deleting provisioned dashboard folder should cleanup
       provisioning meta data [#13280]
   - Update to version 5.3.1
     * Render: Fix PhantomJS render of graph panel when legend displayed as
       table to the right [#13616]
     * Stackdriver: Filter option disappears after removing initial filter
       [#13607]
     * Elasticsearch: Fix no limit size in terms aggregation for alerting
       queries [#13172]
     * InfluxDB: Fix for annotation issue that caused text to be shown twice
       [#13553]
     * Variables: Fix nesting variables leads to exception and missing
       refresh [#13628]
     * Variables: Prometheus: Single letter labels are not supported [#13641]
     * Graph: Fix graph time formatting for Last 24h ranges [#13650]
     * Playlist: Fix cannot add dashboards with long names to playlist
       [#13464]
     * HTTP API: Fix /api/org/users so that query and limit querystrings works
   - Update to version 5.3.0
     * Stackdriver: Filter wildcards and regex matching are not yet supported
       [#13495]
     * Stackdriver: Support the distribution metric type for heatmaps [#13559]
     * Cloudwatch: Automatically set graph yaxis unit [#13575]
     * Stackdriver: Fix for missing ngInject [#13511]
     * Permissions: Fix for broken permissions selector [#13507]
     * Alerting: Alert reminders deduping not working as expected when
       running multiple Grafana instances [#13492]
     * Annotations: Enable template variables in tagged annotations queries
       [#9735]
     * Stackdriver: Support for Google Stackdriver data source [#13289]
     * Alerting: Notification reminders [#7330]
     * Dashboard: TV & Kiosk mode changes, new cycle view mode button in
       dashboard toolbar [#13025]
     * OAuth: Gitlab OAuth with support for filter by groups [#5623]
     * Postgres: Graphical query builder [#10095]
     * LDAP: Define Grafana Admin permission in ldap group mappings [#2469]
     * LDAP: Client certificates support [#12805]
     * Profile: List teams that the user is member of in current/active
       organization [#12476]
     * Configuration: Allow auto-assigning users to specific organization
       (other than Main. Org) [#1823]
     * Dataproxy: Pass configured/auth headers to a data source [#10971]
     * CloudWatch: GetMetricData support [#11487]
     * Postgres: TimescaleDB support, e.g. use `time_bucket` for grouping by
       time when option enabled [#12680]
     * Cleanup: Make temp file time to live configurable [#11607]
     * Postgres data source no longer automatically adds time column alias
       when using the $__timeGroup alias.
     * Kiosk mode now also hides submenu (variables)
     * ?inactive url parameter no longer supported, replaced with kiosk=tv
       url parameter
     * Dashboard: Auto fit dashboard panels to optimize space used for
       current TV
       or Monitor [#12768]
     * Frontend: Convert all Frontend Karma tests to Jest tests [#12224]
     * Backend: Upgrade to golang 1.11 [#13030]
   - Update to version 5.2.4
     * GrafanaCli: Fix issue with grafana-cli install plugin resulting in
       corrupt http response from source error. [#13079]
   - Update to version 5.2.3
     * Important fix for LDAP & OAuth login vulnerability
   - Update to version 5.2.2
     * Prometheus: Fix graph panel bar width issue in aligned prometheus
       queries [#12379]
     * Dashboard: Dashboard links not updated when changing variables [#12506]
     * Postgres/MySQL/MSSQL: Fix connection leak [#12636]
     * Plugins: Fix loading of external plugins [#12551]
     * Dashboard: Remove unwanted scrollbars in embedded panels [#12589]
     * Prometheus: Prevent error using \$\_\_interval_ms in query [#12533]
   - Update to version 5.2.1
     * Auth Proxy: Important security fix for whitelist of IP address feature
       [#12444]
     * UI: Fix - Grafana footer overlapping page [#12430]
     * Logging: Errors should be reported before crashing [#12438]
   - Update to version 5.2.0
     * Plugins: Handle errors correctly when loading data source plugin
       [#12383]
     * Render: Enhance error message if phantomjs executable is not found
       [#11868]
     * Dashboard: Set correct text in drop down when variable is present in
       url [#11968]
     * LDAP: Handle "dn" ldap attribute more gracefully [#12385]
     * Dashboard: Import dashboard to folder [#10796]
     * Permissions: Important security fix for API keys with viewer role
       [#12343]
     * Dashboard: Fix so panel titles doesn't wrap [#11074]
     * Dashboard: Prevent double-click when saving dashboard [#11963]
     * Dashboard: AutoFocus the add-panel search filter [#12189]
     * Units: W/m2 (energy), l/h (flow) and kPa (pressure) [#11233]
     * Units: Liter/min (flow) and milliLiter/min (flow) [#12282]
     * Alerting: Fix mobile notifications for Microsoft Teams alert notifier
       [#11484]
     * Influxdb: Add support for mode function [#12286]
     * Cloudwatch: Fix panic caused by bad timerange settings [#12199]
     * Auth Proxy: Whitelist proxy IP address instead of client IP address
       [#10707]
     * User Management: Make sure that a user always has a current org
       assigned [#11076]
     * Snapshots: Fix: annotations not properly extracted leading to
       incorrect rendering of annotations [#12278]
     * LDAP: Allow use of DN in group_search_filter_user_attribute and
       member_of [#3132]
     * Graph: Fix legend decimals precision calculation [#11792]
     * Dashboard: Make sure to process panels in collapsed rows when
       exporting dashboard [#12256]
     * Dashboard: Dashboard link doesn't work when "As dropdown" option is
       checked [#12315]
     * Dashboard: Fix regressions after save modal changes, including adhoc
       template issues [#12240]
     * Elasticsearch: Alerting support [#5893]
     * Build: Crosscompile and packages Grafana on arm, windows, linux and
       darwin [#11920]
     * Login: Change admin password after first login [#11882]
     * Alert list panel: Updated to support filtering alerts by name,
       dashboard title, folder, tags [#11500]
     * Dashboard: Modified time range and variables are now not saved by
       default [#10748]
     * Graph: Show invisible highest value bucket in histogram [#11498]
     * Dashboard: Enable "Save As..." if user has edit permission [#11625]
     * Prometheus: Query dates are now step-aligned [#10434]
     * Prometheus: Table columns order now changes when rearrange queries
       [#11690]
     * Variables: Fix variable interpolation when using multiple formatting
       types [#11800]
     * Dashboard: Fix date selector styling for dark/light theme in time
       picker control [#11616]
     * Discord: Alert notification channel type for Discord, [#7964]
     * InfluxDB: Support SELECT queries in templating query, [#5013]
     * InfluxDB: Support count distinct aggregation [#11645]
     * Dashboard: JSON Model under dashboard settings can now be updated &
       changes saved. [#1429]
     * Security: Fix XSS vulnerabilities in dashboard links [#11813]
     * Singlestat: Fix "time of last point" shows local time when dashboard
       timezone set to UTC [#10338]
     * Prometheus: Add support for passing timeout parameter to Prometheus
       [#11788]
     * Login: Add optional option sign out url for generic oauth [#9847]
     * Login: Use proxy server from environment variable if available [#9703]
     * Invite users: Friendlier error message when smtp is not configured
       [#12087]
     * Graphite: Don't send distributed tracing headers when using
       direct/browser access mode [#11494]
     * Sidenav: Show create dashboard link for viewers if at least editor in
       one folder [#11858]
     * SQL: Second epochs are now correctly converted to ms. [#12085]
     * Singlestat: Fix singlestat threshold tooltip [#11971]
     * Dashboard: Hide grid controls in fullscreen/low-activity views [#11771]
     * Dashboard: Validate uid when importing dashboards [#11515]
     * Alert list panel: Show alerts for user with viewer role [#11167]
     * Provisioning: Verify checksum of dashboards before updating to reduce
       load
       on database [#11670]
     * Provisioning: Support symlinked files in dashboard provisioning config
       files [#11958]
     * Dashboard list panel: Search dashboards by folder [#11525]
     * Sidenav: Always show server admin link in sidenav if grafana admin
       [#11657]
   - Update to version 5.1.4
     * Permissions: Important security fix for API keys with viewer role
       [#12343]
   - Update to version 5.1.3
     * Scroll: Graph panel / legend texts shifts on the left each time we
       move scrollbar on firefox [#11830]
   - Update to version 5.1.2
     * Database: Fix MySql migration issue [#11862]
     * Google Analytics: Enable Google Analytics anonymizeIP setting for GDPR
       [#11656]
   - Update to version 5.1.1
     * LDAP: LDAP login with MariaDB/MySQL database and dn>100 chars not
       possible [#11754]
     * Build: AppVeyor Windows build missing version and commit info [#11758]
     * Scroll: Scroll can't start in graphs on Chrome mobile [#11710]
     * Units: Revert renaming of unit key ppm [#11743]
   - Update to version 5.1.0
     * Folders: Default permissions on folder are not shown as inherited in
       its dashboards [#11668]
     * Templating: Allow more than 20 previews when creating a variable
       [#11508]
     * Dashboard: Row edit icon not shown [#11466]
     * SQL: Unsupported data types for value column using time series query
       [#11703]
     * Prometheus: Prometheus query inspector expands to be very large on
       autocomplete queries [#11673]
     * MSSQL: New Microsoft SQL Server data source [#10093]
     * Prometheus: The heatmap panel now support Prometheus histograms
       [#10009]
     * Postgres/MySQL: Ability to insert 0s or nulls for missing intervals
       [#9487]
     * Postgres/MySQL/MSSQL: Fix precision for the time column in table mode
       [#11306]
     * Graph: Align left and right Y-axes to one level [#1271]
     * Graph: Thresholds for Right Y axis [#7107]
     * Graph: Support multiple series stacking in histogram mode [#8151]
     * Alerting: Pausing/un alerts now updates new_state_date [#10942]
     * Alerting: Support Pagerduty notification channel using Pagerduty V2
       API [#10531]
     * Templating: Add comma templating format [#10632]
     * Prometheus: Show template variable candidate in query editor [#9210]
     * Prometheus: Support POST for query and query_range [#9859]
     * Alerting: Add support for retries on alert queries [#5855]
     * Table: Table plugin value mappings [#7119]
     * IE11: IE 11 compatibility [#11165]
     * Scrolling: Better scrolling experience [#11053]
     * Folders: A folder admin cannot add user/team permissions for
       folder/its dashboards [#11173]
     * Provisioning: Improved workflow for provisioned dashboards [#10883]
     * OpsGenie: Add triggered alerts as description [#11046]
     * Cloudwatch: Support high resolution metrics [#10925]
     * Cloudwatch: Add dimension filtering to CloudWatch `dimension_values()`
       [#10029]
     * Units: Second to HH:mm:ss formatter [#11107]
     * Singlestat: Add color to prefix and postfix in singlestat panel
       [#11143]
     * Dashboards: Version cleanup fails on old databases with many entries
       [#11278]
     * Server: Adjust permissions of unix socket [#11343]
     * Shortcuts: Add shortcut for duplicate panel [#11102]
     * AuthProxy: Support IPv6 in Auth proxy white list [#11330]
     * SMTP: Don't connect to STMP server using TLS unless configured. [#7189]
     * Prometheus: Escape backslash in labels correctly. [#10555]
     * Variables: Case-insensitive sorting for template values [#11128]
     * Annotations (native): Change default limit from 10 to 100 when
       querying api [#11569]
     * MySQL/Postgres/MSSQL: PostgreSQL data source generates invalid query
       with dates before 1970 [#11530]
     * Kiosk: Adds url parameter for starting a dashboard in inactive mode
       [#11228]
     * Dashboard: Enable closing timepicker using escape key [#11332]
     * Data Sources: Rename direct access mode in the data source settings
       [#11391]
     * Search: Display dashboards in folder indented [#11073]
     * Units: Use B/s instead Bps for Bytes per second [#9342]
     * Units: Radiation units [#11001]
     * Units: Timeticks unit [#11183]
     * Units: Concentration units and "Normal cubic meter" [#11211]
     * Units: New currency - Czech koruna [#11384]
     * Avatar: Fix DISABLE_GRAVATAR option [#11095]
     * Heatmap: Disable log scale when using time time series buckets [#10792]
     * Provisioning: Remove `id` from json when provisioning dashboards,
       [#11138]
     * Prometheus: tooltip for legend format not showing properly [#11516]
     * Playlist: Empty playlists cannot be deleted [#11133]
     * Switch Orgs: Alphabetic order in Switch Organization modal [#11556]
     * Postgres: improve `$__timeFilter` macro [#11578]
     * Permission list: Improved ux [#10747]
     * Dashboard: Sizing and positioning of settings menu icons [#11572]
     * Dashboard: Add search filter/tabs to new panel control [#10427]
     * Folders: User with org viewer role should not be able to save/move
       dashboards in/to general folder [#11553]
     * Influxdb: Don't assume the first column in table response is time.
       [#11476]
   - Update to version 5.0.4
     * Dashboard Fix inability to link collapsed panels directly to [#11114]
     * Dashboard Provisioning dashboard with alert rules should create alerts
       [#11247]
     * Snapshots For snapshots, the Graph panel renders the legend
       incorrectly on right hand side [#11318]
     * Alerting Link back to Grafana returns wrong URL if root_path contains
       sub-path components [#11403]
     * Alerting Incorrect default value for upload images setting for alert
       notifiers [#11413]
   - Update to version 5.0.3
     * Mysql: Mysql panic occurring occasionally upon Grafana dashboard
       access (a bigger patch than the one in 5.0.2) [#11155]
   - Update to version 5.0.2
     * Mysql: Mysql panic occurring occasionally upon Grafana dashboard
       access [#11155]
     * Dashboards: Should be possible to browse dashboard using only uid
       [#11231]
     * Alerting: Fix bug where alerts from hidden panels where deleted
       [#11222]
     * Import: Fix bug where dashboards with alerts couldn't be imported
       [#11227]
     * Teams: Remove quota restrictions from teams [#11220]
     * Render: Fix bug with legacy url redirection for panel rendering
       [#11180]
   - Update to version 5.0.1
     * Postgres: PostgreSQL error when using ipv6 address as hostname in
       connection string [#11055]
     * Dashboards: Changing templated value from dropdown is causing unsaved
       changes [#11063]
     * Prometheus: Fix bundled Prometheus 2.0 dashboard [#11016]
     * Sidemenu: Profile menu "invisible" when gravatar is disabled [#11097]
     * Dashboard: Fix a bug with resizable handles for panels [#11103]
     * Alerting: Telegram inline image mode fails when caption too long
       [#10975]
     * Alerting: Fix silent failing validation [#11145]
     * OAuth: Only use jwt token if it contains an email address [#11127]
   - Update to version 5.0.0
     * oauth Fix GitHub OAuth not working with private Organizations [#11028]
     * kiosk white area over bottom panels in kiosk mode [#11010]
     * alerting Fix OK state doesn't show up in Microsoft Teams [#11032]
     * Permissions Fix search permissions issues [#10822]
     * Permissions Fix problem issues displaying permissions lists [#10864]
     * PNG-Rendering Fix problem rendering legend to the right [#10526]
     * Reset password Fix problem with reset password form [#10870]
     * Light theme Fix problem with light theme in safari, [#10869]
     * Provisioning Now handles deletes when dashboard json files removed
       from disk [#10865]
     * MySQL: Fix issue with schema migration on old mysql (index too long)
       [#10779]
     * GitHub OAuth: Fix fetching github orgs from private github org [#10823]
     * Embedding:Fix issues with embedding panel [#10787]
     * Dashboards: Dashboard folders, [#1611]
     * Teams User groups (teams) implemented. Can be used in folder &
       dashboard permission list.

     * Dashboard grid: Panels are now laid out in a two dimensional grid
       (with x, y, w, h). [#9093]
     * Templating: Vertical repeat direction for panel repeats.
     * UX: Major update to page header and navigation
     * Dashboard settings: Combine dashboard settings views into one with
       side menu, [#9750]
     * Persistent dashboard url's: New url's for dashboards that allows
       renaming dashboards without breaking links. [#7883]
     * dashboard.json files have been replaced with dashboard provisioning
       API.
     * Config files for provisioning data sources as configuration have
       changed from /etc/grafana/conf/datasources to
       /etc/grafana/provisioning/datasources.
     * Pagerduty notifier now defaults to not auto resolve incidents. More
       details at [#10222]
     * `GET /api/alerts` property dashboardUri renamed to url
     * New grid engine for positioning dashboard panels
     * Alerting: Add support for internal image store [#6922]
     * Data Source Proxy: Add support for whitelisting specified cookies to
       be be passed through to the data source when proxying [#5457]
     * Postgres/MySQL: add \_\_timeGroup macro for mysql [#9596]
     * Text: Text panel are now edited in the ace editor. [#9698]
     * Teams: Add Microsoft Teams notifier as [#8523]
     * Data Sources: Its now possible to configure data sources with config
       files [#1789]
     * Graphite: Query editor updated to support new query by tag features
       [#9230]
     * Dashboard history: New config file option versions_to_keep sets how
       many versions per dashboard to store, [#9671]
     * Dashboard as cfg: Load dashboards from file into Grafana on
       startup/change [#9654]
     * Prometheus: Grafana can now send alerts to Prometheus Alertmanager
       while firing [#7481]
     * Table: Support multiple table formatted queries in table panel [#9170]
     * Security: Protect against brute force (frequent) login attempts [#7616]
     * Graph: Don't hide graph display options (Lines/Points) when draw mode
       is unchecked [#9770]
     * Alert panel: Adds placeholder text when no alerts are within the time
       range [#9624]
     * Mysql: MySQL enable MaxOpenCon and MaxIdleCon regards how constring is
       configured. [#9784]
     * Cloudwatch: Fix broken query inspector for cloudwatch [#9661]
     * Dashboard: Make it possible to start dashboards from search and
       dashboard list panel [#1871]
     * Annotations: Posting annotations now return the id of the annotation
       [#9798]
     * Systemd: Use systemd notification ready flag [#10024]
     * GitHub: Use organizations_url provided from github to verify user
       belongs in org. [#10111]
     * Backend: Fix bug where Grafana exited before all sub routines where
       finished [#10131]
     * Azure: Adds support for Azure blob storage as external image stor
       [#8955]
     * Telegram: Add support for inline image uploads to telegram notifier
       plugin [#9967]
     * Sensu: Send alert message to sensu output [#9551]
     * Singlestat: suppress error when result contains no datapoints [#9636]
     * Postgres/MySQL: Control quoting in SQL-queries when using template
       variables [#9030]
     * Pagerduty: Pagerduty don't auto resolve incidents by default anymore.
       [#10222]
     * Cloudwatch: Fix for multi-valued templated queries. [#9903]
     * RabbitMq: Remove support for publishing events to RabbitMQ [#9645]
     * API: GET /api/dashboards/db/:slug deprecated, use GET
       /api/dashboards/uid/:uid
     * API: DELETE /api/dashboards/db/:slug deprecated, use DELETE
       /api/dashboards/uid/:uid
     * API: `uri` property in GET /api/search deprecated, use `url` or `uid`
       property
     * API: `meta.slug` property in GET /api/dashboards/uid/:uid and GET
       /api/dashboards/db/:slug deprecated, use `meta.url` or `dashboard.uid`
       property

   Changes in grafana-natel-discrete-panel:
   - Add recompress source service
   - Add set_version source service
   - Enable changesgenerate for tar_scm source service
   - Update to version 0.0.9:
     * split commands
     * put back the history

   Changes in openstack-cinder:
   - Update to version cinder-11.2.3.dev29:
     * Remove VxFlex OS credentials from connection\_properties
     * Fix stable/pike gate
     * tintri: Enable SSL with requests
     * [Unity] Fix TypeError for test case test\_delete\_host\_wo\_lock

   Changes in openstack-cinder:
   - Update to version cinder-11.2.3.dev29:
     * Remove VxFlex OS credentials from connection\_properties
     * Fix stable/pike gate
     * tintri: Enable SSL with requests
     * [Unity] Fix TypeError for test case test\_delete\_host\_wo\_lock

   Changes in openstack-monasca-installer:
   - Add 0001-Add-support-for-ansible-2.9.patch

   Changes in openstack-neutron:
   - Update to version neutron-11.0.9.dev69:
     * Do not block connection between br-int and br-phys on startup
     * [EM releases] Move non-voting jobs to the experimental queue

   - Update to version neutron-11.0.9.dev66:
     * Fix pike gates, multiple fixes

   Changes in openstack-neutron:
   - Add 0001-Ensure-drop-flows-on-br-int-at-agent-startup-for-DVR-too.patch
     (LP#1887148)

   - Update to version neutron-11.0.9.dev69:
     * Do not block connection between br-int and br-phys on startup
     * [EM releases] Move non-voting jobs to the experimental queue

   - Update to version neutron-11.0.9.dev66:
     * Fix pike gates, multiple fixes

   Changes in openstack-nova:
   - Update to version nova-16.1.9.dev76:
     * Removed the host FQDN from the exception message

   - Update to version nova-16.1.9.dev74:
     * libvirt: Provide VIR\_MIGRATE\_PARAM\_PERSIST\_XML during live
       migration

   - Update to version nova-16.1.9.dev73:
     * Fix os-simple-tenant-usage result order

   - Update to version nova-16.1.9.dev71:
     * Fix false ERROR message at compute restart

   - Update to version nova-16.1.9.dev69:
     * Check cherry-pick hashes in pep8 tox target

   - Update to version nova-16.1.9.dev67:
     * libvirt: Do not reraise DiskNotFound exceptions during resize

   - Update to version nova-16.1.9.dev66:
     * Clean up allocation if unshelve fails due to neutron
     * Reproduce bug 1862633

   - Update to version nova-16.1.9.dev64:
     * Init HostState.failed\_builds

   - Update to version nova-16.1.9.dev62:
     * Fix os\_CODENAME detection and repo refresh during ceph tests

   Changes in openstack-nova:
   - Update to version nova-16.1.9.dev76:
     * Removed the host FQDN from the exception message

   - Rebased patches:
     + 0004-Provide-VIR_MIGRATE_PARAM_PERSIST_XML-during-live-migration.patch
       dropped (merged upstream)

   - Update to version nova-16.1.9.dev74:
     * libvirt: Provide VIR\_MIGRATE\_PARAM\_PERSIST\_XML during live
       migration

   - Add
     0004-Provide-VIR_MIGRATE_PARAM_PERSIST_XML-during-live-migration.patch
     * (bsc#1175484, CVE-2020-17376)

   - Update to version nova-16.1.9.dev73:
     * Fix os-simple-tenant-usage result order

   - Update to version nova-16.1.9.dev71:
     * Fix false ERROR message at compute restart

   - Update to version nova-16.1.9.dev69:
     * Check cherry-pick hashes in pep8 tox target

   - Update to version nova-16.1.9.dev67:
     * libvirt: Do not reraise DiskNotFound exceptions during resize

   - Update to version nova-16.1.9.dev66:
     * Clean up allocation if unshelve fails due to neutron
     * Reproduce bug 1862633

   - Update to version nova-16.1.9.dev64:
     * Init HostState.failed\_builds

   - Update to version nova-16.1.9.dev62:
     * Fix os\_CODENAME detection and repo refresh during ceph tests

   Changes in python-Django:
   - Update to version 1.11.29 (bsc#1161919, CVE-2020-7471, bsc#1165022,
     CVE-2020-9402, bsc#1159447, CVE-2019-19844)
     * Fixed CVE-2020-9402 -- Properly escaped tolerance parameter in GIS
       functions and aggregates on Oracle.
     * Pinned PyYAML < 5.3 in test requirements.
     * Fixed CVE-2020-7471 -- Properly escaped StringAgg(delimiter) parameter.
     * Fixed timezones tests for PyYAML 5.3+.
     * Fixed CVE-2019-19844 -- Used verified user email for password reset
       requests.
     * Fixed #31073 -- Prevented CheckboxInput.get_context() from mutating
       attrs.
     * Fixed #30826 -- Fixed crash of many JSONField lookups when one hand
       side is key transform.
     * Fixed #30769 -- Fixed a crash when filtering against a subquery
       JSON/HStoreField annotation.
     * Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on
       expressions with params.

     * Added patch CVE-2020-13254.patch
     * Added patch CVE-2020-13596.patch Changes in python-Flask-Cors:
   - Add patches to fix a relative directory traversal issue (boo#1175986,
     CVE-2020-25032):
     * 0001-Handle-request_headers-None.patch
     * 0002-Fix-request-path-normalization.patch

   Changes in python-Pillow:
   - Add 011-Fix-OOB-reads-in-FLI-decoding.patch
      * From upstream, backported
      * Fixes CVE-2020-10177, bsc#1173413
   - Add 012-Fix-bounds-overflow-in-JPEG-2000-decoding.patch
      * From upstream, backported
      * Fixes CVE-2020-10994, bsc#1173418
   - Add 013-Fix-bounds-overflow-in-PCX-decoding.patch
      * From upstream, backported
      * Fixes CVE-2020-10378, bsc#1173416

   Changes in python-ardana-packager:
   - fetch updated nova_host_aggregate from git
    - Add missing novaclient required domain entries (bsc#1174006)

   Changes in python-keystoneclient:
   - add 2020-tests-pass.patch:
     - Make tests pass in 2020

   - update to version 3.13.1
     - Updated from global requirements
     - Update .gitreview for stable/pike
     - Update UPPER_CONSTRAINTS_FILE for stable/pike
     - import zuul job settings from project-config
     - Avoid tox_install.sh for constraints support

   Changes in python-keystonemiddleware:
   - added 0001-Make-tests-pass-in-2022.patch
   - removed 0001-Add-use_oslo_messaging-option.patch

   - update to version 4.17.1
     - Update .gitreview for stable/pike
     - Update UPPER_CONSTRAINTS_FILE for stable/pike
     - Add option to disable using oslo_message notifier
     - Fix docs builds
     - Updated from global requirements
     - import zuul job settings from project-config

   Changes in python-kombu:
   - Add 0001-Fix-failing-unittests-of-pyamqp-transport.patch

   Changes in python-straight-plugin:

   - Add pip_no_plugins.patch to avoid error: "UnboundLocalError: local
     variable 'r' referenced before assignment", when there is no plugin
     available.

   - Initial packaging

   Changes in python-urllib3:
   - Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.

   - Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for
     CVE-2019-9740.

   - Add urllib3-cve-2020-26137.patch. Don't allow control chars in request
     method. (bsc#1177120, CVE-2020-26137)

   Changes in release-notes-suse-openstack-cloud:
   - Update to version 8.20200922:
     * postgreSQL db replace changes are updated for suse openstack cloud
       section (SOC-11000)

   Changes in storm:
   - Fix duplicate BuildRequire on storm-kit
   - update to 1.2.3 (SOC-9974, CVE-2019-0202, SOC-9998, CVE-2018-11779):
     * 1.2.3
       * [STORM-3233] - Upgrade zookeeper client to newest version (3.4.13)
       * [STORM-3077] - Upgrade Disruptor version to 3.3.11
       * [STORM-3083] - Upgrade HikariCP version to 2.4.7
       * [STORM-3094] - Topology name needs to be validated at storm-client
       * [STORM-3222] - Fix KafkaSpout internals to use LinkedList instead of
         ArrayList
       * [STORM-3292] - Trident HiveState must flush writers when the batch
         commits
       * [STORM-3013] - Deactivated topology restarts if data flows into Kafka
       * [STORM-3028] - HdfsSpout does not handle empty files in case of ack
         enabled
       * [STORM-3046] - Getting a NPE leading worker to die when starting a
         topology.
       * [STORM-3047] - Ensure Trident emitter refreshPartitions is only
         called with partitions assigned to the emitter
       * [STORM-3055] - never refresh connection
       * [STORM-3068] - STORM_JAR_JVM_OPTS are not passed to
         storm-kafka-monitor properly
       * [STORM-3082] - NamedTopicFilter can't handle topics that don't exist
         yet
       * [STORM-3087] - FluxBuilder.canInvokeWithArgs is too permissive when
         the method parameter type is a primitive
       * [STORM-3090] - The same offset value is used by the same partition
         number of different topics.
       * [STORM-3097] - Remove storm-druid in 2.x and deprecate support for
         it in 1.x
       * [STORM-3102] - Storm Kafka Client performance issues with Kafka
         Client v1.0.0
       * [STORM-3109] - Wrong canonical path set to STORM_LOCAL_DIR in storm
         kill_workers
       * [STORM-3110] - Supervisor does not kill all worker processes in
         secure mode in case of user mismatch
       * [STORM-3121] - Fix flaky metrics tests in storm-core
       * [STORM-3122] - FNFE due to race condition between "async localizer"
         and "update blob" timer thread
       * [STORM-3123] - Storm Kafka Monitor does not work with Kafka over
         two-way SSL
       * [STORM-3161] - Local mode should force setting min replication count
         to 1
       * [STORM-3164] - Multilang storm.py uses traceback.format_exc
         incorrectly
       * [STORM-3184] - Storm supervisor log showing keystore and truststore
         password in plaintext
       * [STORM-3201] - kafka spout lag on UI needs some cleanup
       * [STORM-3301] - The KafkaSpout can in some cases still replay tuples
         that were already committed
       * [STORM-3381] - Upgrading to Zookeeper 3.4.14 added an LGPL dependency
       * [STORM-3384] - storm set-log-level command throws wrong exception
         when the topology is not running
       * [STORM-3086] - Update Flux documentation to demonstrate static
         factory methods (STORM-2796)
       * [STORM-3089] - Document worker hooks on the hooks page
       * [STORM-3199] - Metrics-ganglia depends on an LGPL library, so we
         shouldn't depend on it
       * [STORM-3289] - Add note about KAFKA-7044 to storm-kafka-client
         compatibility docs
       * [STORM-3330] - Migrate parts of storm-webapp, and reduce use of
         mocks for files
     * 1.2.2
       * [STORM-3026] - Upgrade ZK instance for security
       * [STORM-3027] - Make Impersonation Optional
       * [STORM-2896] - Support automatic migration of offsets from
         storm-kafka to storm-kafka-client KafkaSpout
       * [STORM-2997] - Add logviewer ssl module in SECURITY.md
       * [STORM-3006] - Distributed RPC documentation needs an update
       * [STORM-3011] - Use default bin path in flight.bash if $JAVA_HOME is
         undefined
       * [STORM-3022] - Decouple storm-hive UTs with Hive
       * [STORM-3039] - Ports of killed topologies remain in TIME_WAIT state
         preventing to start new topology
       * [STORM-3069] - Allow users to specify maven local repository
         directory for storm submit tool
       * [STORM-2911] - SpoutConfig is serializable but does not declare a
         serialVersionUID field
       * [STORM-2967] - Upgrade jackson to latest version 2.9.4
       * [STORM-2968] - Exclude a few unwanted jars from storm-autocreds
       * [STORM-2978] - The fix for STORM-2706 is broken, and adds a
         transitive dependency on Zookeeper 3.5.3-beta for projects that
         depend on e.g. storm-kafka
       * [STORM-2979] - WorkerHooks EOFException during
         run_worker_shutdown_hooks
       * [STORM-2981] - Upgrade Curator to lastest patch version
       * [STORM-2985] - Add jackson-annotations to dependency management
       * [STORM-2988] - "Error on initialization of server mk-worker" when
         using org.apache.storm.metrics2.reporters.JmxStormReporter on worker
       * [STORM-2989] - LogCleaner should preserve current worker.log.metrics
       * [STORM-2993] - Storm HDFS bolt throws ClosedChannelException when
         Time rotation policy is used
       * [STORM-2994] - KafkaSpout consumes messages but doesn't commit
         offsets
       * [STORM-3043] - NullPointerException thrown in
         SimpleRecordTranslator.apply()
       * [STORM-3052] - Let blobs un archive
       * [STORM-3059] - KafkaSpout throws NPE when hitting a null tuple if
         the processing guarantee is not AT_LEAST_ONCE
       * [STORM-2960] - Better to stress importance of setting up proper OS
         account for Storm processes
       * [STORM-3060] - Configuration mapping between storm-kafka &
         storm-kafka-client
       * [STORM-2952] - Deprecate storm-kafka in 1.x
       * [STORM-3005] - [DRPC] LinearDRPCTopologyBuilder shouldn't be
         deprecated

   Changes in storm-kit:
   - Add _constraints to prevent build from running out of disk space

   - Updated kit for storm-1.2.3

   Changes in venv-openstack-cinder:
   - Ensure that python-swiftclient is pulled into the built venv via an
     explicit BuildRequires directive. (SOC-10522)

   Changes in venv-openstack-swift:
   - Ensure that python-oslo.log is pulled into the built venv by explicitly
     requiring the package using a BuildRequires entry.


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 8:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-3309=1

   - SUSE OpenStack Cloud 8:

      zypper in -t patch SUSE-OpenStack-Cloud-8-2020-3309=1

   - HPE Helion Openstack 8:

      zypper in -t patch HPE-Helion-OpenStack-8-2020-3309=1



Package List:

   - SUSE OpenStack Cloud Crowbar 8 (noarch):

      crowbar-openstack-5.0+git.1599037158.5c4d07480-4.43.1
      documentation-suse-openstack-cloud-deployment-8.20201007-1.29.1
      documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1
      documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1
      documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1
      grafana-natel-discrete-panel-0.0.9-3.3.6
      openstack-cinder-11.2.3~dev29-3.28.2
      openstack-cinder-api-11.2.3~dev29-3.28.2
      openstack-cinder-backup-11.2.3~dev29-3.28.2
      openstack-cinder-doc-11.2.3~dev29-3.28.1
      openstack-cinder-scheduler-11.2.3~dev29-3.28.2
      openstack-cinder-volume-11.2.3~dev29-3.28.2
      openstack-monasca-installer-20190923_16.32-3.15.1
      openstack-neutron-11.0.9~dev69-3.37.2
      openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2
      openstack-neutron-doc-11.0.9~dev69-3.37.1
      openstack-neutron-ha-tool-11.0.9~dev69-3.37.2
      openstack-neutron-l3-agent-11.0.9~dev69-3.37.2
      openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2
      openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2
      openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2
      openstack-neutron-metering-agent-11.0.9~dev69-3.37.2
      openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2
      openstack-neutron-server-11.0.9~dev69-3.37.2
      openstack-nova-16.1.9~dev76-3.39.2
      openstack-nova-api-16.1.9~dev76-3.39.2
      openstack-nova-cells-16.1.9~dev76-3.39.2
      openstack-nova-compute-16.1.9~dev76-3.39.2
      openstack-nova-conductor-16.1.9~dev76-3.39.2
      openstack-nova-console-16.1.9~dev76-3.39.2
      openstack-nova-consoleauth-16.1.9~dev76-3.39.2
      openstack-nova-doc-16.1.9~dev76-3.39.1
      openstack-nova-novncproxy-16.1.9~dev76-3.39.2
      openstack-nova-placement-api-16.1.9~dev76-3.39.2
      openstack-nova-scheduler-16.1.9~dev76-3.39.2
      openstack-nova-serialproxy-16.1.9~dev76-3.39.2
      openstack-nova-vncproxy-16.1.9~dev76-3.39.2
      python-Django-1.11.29-3.19.2
      python-cinder-11.2.3~dev29-3.28.2
      python-keystoneclient-3.13.1-3.3.2
      python-keystoneclient-doc-3.13.1-3.3.2
      python-keystonemiddleware-4.17.1-5.3.1
      python-kombu-4.1.0-3.7.1
      python-neutron-11.0.9~dev69-3.37.2
      python-nova-16.1.9~dev76-3.39.2
      python-straight-plugin-1.5.0-1.3.1
      python-urllib3-1.22-5.12.1
      release-notes-suse-openstack-cloud-8.20200922-3.23.1

   - SUSE OpenStack Cloud Crowbar 8 (x86_64):

      ansible-2.9.14-3.15.1
      crowbar-core-5.0+git.1600432272.b3ad722f0-3.44.1
      crowbar-core-branding-upstream-5.0+git.1600432272.b3ad722f0-3.44.1
      grafana-6.7.4-4.12.1
      grafana-debuginfo-6.7.4-4.12.1
      python-Pillow-4.2.1-3.9.2
      python-Pillow-debuginfo-4.2.1-3.9.2
      python-Pillow-debugsource-4.2.1-3.9.2
      ruby2.1-rubygem-crowbar-client-3.9.3-1.1
      storm-1.2.3-3.6.1
      storm-nimbus-1.2.3-3.6.1
      storm-supervisor-1.2.3-3.6.1

   - SUSE OpenStack Cloud 8 (noarch):

      ardana-ansible-8.0+git.1596735237.54109b1-3.77.1
      ardana-cinder-8.0+git.1596129856.263f430-3.43.1
      ardana-glance-8.0+git.1593631779.76fa9b7-3.24.1
      ardana-mq-8.0+git.1593618123.678c32b-3.26.1
      ardana-nova-8.0+git.1601298847.dd01585-3.42.1
      ardana-osconfig-8.0+git.1595885113.93abcbc-3.49.1
      documentation-suse-openstack-cloud-installation-8.20201007-1.29.1
      documentation-suse-openstack-cloud-operations-8.20201007-1.29.1
      documentation-suse-openstack-cloud-opsconsole-8.20201007-1.29.1
      documentation-suse-openstack-cloud-planning-8.20201007-1.29.1
      documentation-suse-openstack-cloud-security-8.20201007-1.29.1
      documentation-suse-openstack-cloud-supplement-8.20201007-1.29.1
      documentation-suse-openstack-cloud-upstream-admin-8.20201007-1.29.1
      documentation-suse-openstack-cloud-upstream-user-8.20201007-1.29.1
      documentation-suse-openstack-cloud-user-8.20201007-1.29.1
      grafana-natel-discrete-panel-0.0.9-3.3.6
      openstack-cinder-11.2.3~dev29-3.28.2
      openstack-cinder-api-11.2.3~dev29-3.28.2
      openstack-cinder-backup-11.2.3~dev29-3.28.2
      openstack-cinder-doc-11.2.3~dev29-3.28.1
      openstack-cinder-scheduler-11.2.3~dev29-3.28.2
      openstack-cinder-volume-11.2.3~dev29-3.28.2
      openstack-monasca-installer-20190923_16.32-3.15.1
      openstack-neutron-11.0.9~dev69-3.37.2
      openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2
      openstack-neutron-doc-11.0.9~dev69-3.37.1
      openstack-neutron-ha-tool-11.0.9~dev69-3.37.2
      openstack-neutron-l3-agent-11.0.9~dev69-3.37.2
      openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2
      openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2
      openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2
      openstack-neutron-metering-agent-11.0.9~dev69-3.37.2
      openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2
      openstack-neutron-server-11.0.9~dev69-3.37.2
      openstack-nova-16.1.9~dev76-3.39.2
      openstack-nova-api-16.1.9~dev76-3.39.2
      openstack-nova-cells-16.1.9~dev76-3.39.2
      openstack-nova-compute-16.1.9~dev76-3.39.2
      openstack-nova-conductor-16.1.9~dev76-3.39.2
      openstack-nova-console-16.1.9~dev76-3.39.2
      openstack-nova-consoleauth-16.1.9~dev76-3.39.2
      openstack-nova-doc-16.1.9~dev76-3.39.1
      openstack-nova-novncproxy-16.1.9~dev76-3.39.2
      openstack-nova-placement-api-16.1.9~dev76-3.39.2
      openstack-nova-scheduler-16.1.9~dev76-3.39.2
      openstack-nova-serialproxy-16.1.9~dev76-3.39.2
      openstack-nova-vncproxy-16.1.9~dev76-3.39.2
      python-Django-1.11.29-3.19.2
      python-Flask-Cors-3.0.3-3.3.1
      python-ardana-packager-0.0.3-7.7.2
      python-cinder-11.2.3~dev29-3.28.2
      python-keystoneclient-3.13.1-3.3.2
      python-keystoneclient-doc-3.13.1-3.3.2
      python-keystonemiddleware-4.17.1-5.3.1
      python-kombu-4.1.0-3.7.1
      python-neutron-11.0.9~dev69-3.37.2
      python-nova-16.1.9~dev76-3.39.2
      python-straight-plugin-1.5.0-1.3.1
      python-urllib3-1.22-5.12.1
      release-notes-suse-openstack-cloud-8.20200922-3.23.1
      venv-openstack-aodh-x86_64-5.1.1~dev7-12.28.1
      venv-openstack-barbican-x86_64-5.0.2~dev3-12.29.1
      venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.26.1
      venv-openstack-cinder-x86_64-11.2.3~dev29-14.30.1
      venv-openstack-designate-x86_64-5.0.3~dev7-12.27.1
      venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.24.1
      venv-openstack-glance-x86_64-15.0.3~dev3-12.27.1
      venv-openstack-heat-x86_64-9.0.8~dev22-12.29.1
      venv-openstack-horizon-x86_64-12.0.5~dev3-14.32.1
      venv-openstack-ironic-x86_64-9.1.8~dev8-12.29.1
      venv-openstack-keystone-x86_64-12.0.4~dev11-11.30.1
      venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.28.1
      venv-openstack-manila-x86_64-5.1.1~dev5-12.33.1
      venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.24.1
      venv-openstack-monasca-x86_64-2.2.2~dev1-11.24.1
      venv-openstack-murano-x86_64-4.0.2~dev2-12.24.1
      venv-openstack-neutron-x86_64-11.0.9~dev69-13.32.1
      venv-openstack-nova-x86_64-16.1.9~dev76-11.30.1
      venv-openstack-octavia-x86_64-1.0.6~dev3-12.29.1
      venv-openstack-sahara-x86_64-7.0.5~dev4-11.28.1
      venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.21.1
      venv-openstack-trove-x86_64-8.0.2~dev2-11.28.1

   - SUSE OpenStack Cloud 8 (x86_64):

      ansible-2.9.14-3.15.1
      grafana-6.7.4-4.12.1
      grafana-debuginfo-6.7.4-4.12.1
      python-Pillow-4.2.1-3.9.2
      python-Pillow-debuginfo-4.2.1-3.9.2
      python-Pillow-debugsource-4.2.1-3.9.2
      storm-1.2.3-3.6.1
      storm-nimbus-1.2.3-3.6.1
      storm-supervisor-1.2.3-3.6.1

   - HPE Helion Openstack 8 (x86_64):

      ansible-2.9.14-3.15.1
      grafana-6.7.4-4.12.1
      grafana-debuginfo-6.7.4-4.12.1
      python-Pillow-4.2.1-3.9.2
      python-Pillow-debuginfo-4.2.1-3.9.2
      python-Pillow-debugsource-4.2.1-3.9.2
      storm-1.2.3-3.6.1
      storm-nimbus-1.2.3-3.6.1
      storm-supervisor-1.2.3-3.6.1

   - HPE Helion Openstack 8 (noarch):

      ardana-ansible-8.0+git.1596735237.54109b1-3.77.1
      ardana-cinder-8.0+git.1596129856.263f430-3.43.1
      ardana-glance-8.0+git.1593631779.76fa9b7-3.24.1
      ardana-mq-8.0+git.1593618123.678c32b-3.26.1
      ardana-nova-8.0+git.1601298847.dd01585-3.42.1
      ardana-osconfig-8.0+git.1595885113.93abcbc-3.49.1
      documentation-hpe-helion-openstack-installation-8.20201007-1.29.1
      documentation-hpe-helion-openstack-operations-8.20201007-1.29.1
      documentation-hpe-helion-openstack-opsconsole-8.20201007-1.29.1
      documentation-hpe-helion-openstack-planning-8.20201007-1.29.1
      documentation-hpe-helion-openstack-security-8.20201007-1.29.1
      documentation-hpe-helion-openstack-user-8.20201007-1.29.1
      grafana-natel-discrete-panel-0.0.9-3.3.6
      openstack-cinder-11.2.3~dev29-3.28.2
      openstack-cinder-api-11.2.3~dev29-3.28.2
      openstack-cinder-backup-11.2.3~dev29-3.28.2
      openstack-cinder-doc-11.2.3~dev29-3.28.1
      openstack-cinder-scheduler-11.2.3~dev29-3.28.2
      openstack-cinder-volume-11.2.3~dev29-3.28.2
      openstack-monasca-installer-20190923_16.32-3.15.1
      openstack-neutron-11.0.9~dev69-3.37.2
      openstack-neutron-dhcp-agent-11.0.9~dev69-3.37.2
      openstack-neutron-doc-11.0.9~dev69-3.37.1
      openstack-neutron-ha-tool-11.0.9~dev69-3.37.2
      openstack-neutron-l3-agent-11.0.9~dev69-3.37.2
      openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.37.2
      openstack-neutron-macvtap-agent-11.0.9~dev69-3.37.2
      openstack-neutron-metadata-agent-11.0.9~dev69-3.37.2
      openstack-neutron-metering-agent-11.0.9~dev69-3.37.2
      openstack-neutron-openvswitch-agent-11.0.9~dev69-3.37.2
      openstack-neutron-server-11.0.9~dev69-3.37.2
      openstack-nova-16.1.9~dev76-3.39.2
      openstack-nova-api-16.1.9~dev76-3.39.2
      openstack-nova-cells-16.1.9~dev76-3.39.2
      openstack-nova-compute-16.1.9~dev76-3.39.2
      openstack-nova-conductor-16.1.9~dev76-3.39.2
      openstack-nova-console-16.1.9~dev76-3.39.2
      openstack-nova-consoleauth-16.1.9~dev76-3.39.2
      openstack-nova-doc-16.1.9~dev76-3.39.1
      openstack-nova-novncproxy-16.1.9~dev76-3.39.2
      openstack-nova-placement-api-16.1.9~dev76-3.39.2
      openstack-nova-scheduler-16.1.9~dev76-3.39.2
      openstack-nova-serialproxy-16.1.9~dev76-3.39.2
      openstack-nova-vncproxy-16.1.9~dev76-3.39.2
      python-Django-1.11.29-3.19.2
      python-Flask-Cors-3.0.3-3.3.1
      python-ardana-packager-0.0.3-7.7.2
      python-cinder-11.2.3~dev29-3.28.2
      python-keystoneclient-3.13.1-3.3.2
      python-keystoneclient-doc-3.13.1-3.3.2
      python-keystonemiddleware-4.17.1-5.3.1
      python-kombu-4.1.0-3.7.1
      python-neutron-11.0.9~dev69-3.37.2
      python-nova-16.1.9~dev76-3.39.2
      python-urllib3-1.22-5.12.1
      release-notes-hpe-helion-openstack-8.20200922-3.23.1
      venv-openstack-aodh-x86_64-5.1.1~dev7-12.28.1
      venv-openstack-barbican-x86_64-5.0.2~dev3-12.29.1
      venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.26.1
      venv-openstack-cinder-x86_64-11.2.3~dev29-14.30.1
      venv-openstack-designate-x86_64-5.0.3~dev7-12.27.1
      venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.24.1
      venv-openstack-glance-x86_64-15.0.3~dev3-12.27.1
      venv-openstack-heat-x86_64-9.0.8~dev22-12.29.1
      venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.32.1
      venv-openstack-ironic-x86_64-9.1.8~dev8-12.29.1
      venv-openstack-keystone-x86_64-12.0.4~dev11-11.30.1
      venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.28.1
      venv-openstack-manila-x86_64-5.1.1~dev5-12.33.1
      venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.24.1
      venv-openstack-monasca-x86_64-2.2.2~dev1-11.24.1
      venv-openstack-murano-x86_64-4.0.2~dev2-12.24.1
      venv-openstack-neutron-x86_64-11.0.9~dev69-13.32.1
      venv-openstack-nova-x86_64-16.1.9~dev76-11.30.1
      venv-openstack-octavia-x86_64-1.0.6~dev3-12.29.1
      venv-openstack-sahara-x86_64-7.0.5~dev4-11.28.1
      venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.21.1
      venv-openstack-trove-x86_64-8.0.2~dev2-11.28.1


References:

   https://www.suse.com/security/cve/CVE-2016-8614.html
   https://www.suse.com/security/cve/CVE-2016-8628.html
   https://www.suse.com/security/cve/CVE-2016-8647.html
   https://www.suse.com/security/cve/CVE-2016-9587.html
   https://www.suse.com/security/cve/CVE-2017-7466.html
   https://www.suse.com/security/cve/CVE-2017-7550.html
   https://www.suse.com/security/cve/CVE-2018-10875.html
   https://www.suse.com/security/cve/CVE-2018-11779.html
   https://www.suse.com/security/cve/CVE-2018-16837.html
   https://www.suse.com/security/cve/CVE-2018-16859.html
   https://www.suse.com/security/cve/CVE-2018-16876.html
   https://www.suse.com/security/cve/CVE-2018-18623.html
   https://www.suse.com/security/cve/CVE-2018-18624.html
   https://www.suse.com/security/cve/CVE-2018-18625.html
   https://www.suse.com/security/cve/CVE-2019-0202.html
   https://www.suse.com/security/cve/CVE-2019-10156.html
   https://www.suse.com/security/cve/CVE-2019-10206.html
   https://www.suse.com/security/cve/CVE-2019-10217.html
   https://www.suse.com/security/cve/CVE-2019-14846.html
   https://www.suse.com/security/cve/CVE-2019-14856.html
   https://www.suse.com/security/cve/CVE-2019-14858.html
   https://www.suse.com/security/cve/CVE-2019-14864.html
   https://www.suse.com/security/cve/CVE-2019-14904.html
   https://www.suse.com/security/cve/CVE-2019-14905.html
   https://www.suse.com/security/cve/CVE-2019-19844.html
   https://www.suse.com/security/cve/CVE-2019-3828.html
   https://www.suse.com/security/cve/CVE-2020-10177.html
   https://www.suse.com/security/cve/CVE-2020-10378.html
   https://www.suse.com/security/cve/CVE-2020-10684.html
   https://www.suse.com/security/cve/CVE-2020-10685.html
   https://www.suse.com/security/cve/CVE-2020-10691.html
   https://www.suse.com/security/cve/CVE-2020-10729.html
   https://www.suse.com/security/cve/CVE-2020-10744.html
   https://www.suse.com/security/cve/CVE-2020-10994.html
   https://www.suse.com/security/cve/CVE-2020-11110.html
   https://www.suse.com/security/cve/CVE-2020-14330.html
   https://www.suse.com/security/cve/CVE-2020-14332.html
   https://www.suse.com/security/cve/CVE-2020-14365.html
   https://www.suse.com/security/cve/CVE-2020-1733.html
   https://www.suse.com/security/cve/CVE-2020-1734.html
   https://www.suse.com/security/cve/CVE-2020-1735.html
   https://www.suse.com/security/cve/CVE-2020-1736.html
   https://www.suse.com/security/cve/CVE-2020-1737.html
   https://www.suse.com/security/cve/CVE-2020-17376.html
   https://www.suse.com/security/cve/CVE-2020-1738.html
   https://www.suse.com/security/cve/CVE-2020-1739.html
   https://www.suse.com/security/cve/CVE-2020-1740.html
   https://www.suse.com/security/cve/CVE-2020-1746.html
   https://www.suse.com/security/cve/CVE-2020-1753.html
   https://www.suse.com/security/cve/CVE-2020-25032.html
   https://www.suse.com/security/cve/CVE-2020-26137.html
   https://www.suse.com/security/cve/CVE-2020-7471.html
   https://www.suse.com/security/cve/CVE-2020-9402.html
   https://bugzilla.suse.com/1008037
   https://bugzilla.suse.com/1008038
   https://bugzilla.suse.com/1010940
   https://bugzilla.suse.com/1019021
   https://bugzilla.suse.com/1038785
   https://bugzilla.suse.com/1056094
   https://bugzilla.suse.com/1059235
   https://bugzilla.suse.com/1080682
   https://bugzilla.suse.com/1097775
   https://bugzilla.suse.com/1102126
   https://bugzilla.suse.com/1109957
   https://bugzilla.suse.com/1112959
   https://bugzilla.suse.com/1117080
   https://bugzilla.suse.com/1118896
   https://bugzilla.suse.com/1123561
   https://bugzilla.suse.com/1126503
   https://bugzilla.suse.com/1137479
   https://bugzilla.suse.com/1137528
   https://bugzilla.suse.com/1142121
   https://bugzilla.suse.com/1142542
   https://bugzilla.suse.com/1144453
   https://bugzilla.suse.com/1153452
   https://bugzilla.suse.com/1154231
   https://bugzilla.suse.com/1154232
   https://bugzilla.suse.com/1154830
   https://bugzilla.suse.com/1157968
   https://bugzilla.suse.com/1157969
   https://bugzilla.suse.com/1159447
   https://bugzilla.suse.com/1161919
   https://bugzilla.suse.com/1164133
   https://bugzilla.suse.com/1164134
   https://bugzilla.suse.com/1164135
   https://bugzilla.suse.com/1164136
   https://bugzilla.suse.com/1164137
   https://bugzilla.suse.com/1164138
   https://bugzilla.suse.com/1164139
   https://bugzilla.suse.com/1164140
   https://bugzilla.suse.com/1165022
   https://bugzilla.suse.com/1165393
   https://bugzilla.suse.com/1166389
   https://bugzilla.suse.com/1167440
   https://bugzilla.suse.com/1167532
   https://bugzilla.suse.com/1171162
   https://bugzilla.suse.com/1171823
   https://bugzilla.suse.com/1172450
   https://bugzilla.suse.com/1173413
   https://bugzilla.suse.com/1173416
   https://bugzilla.suse.com/1173418
   https://bugzilla.suse.com/1174006
   https://bugzilla.suse.com/1174145
   https://bugzilla.suse.com/1174242
   https://bugzilla.suse.com/1174302
   https://bugzilla.suse.com/1174583
   https://bugzilla.suse.com/1175484
   https://bugzilla.suse.com/1175986
   https://bugzilla.suse.com/1175993
   https://bugzilla.suse.com/1177120
   https://bugzilla.suse.com/1177948



More information about the sle-security-updates mailing list