SUSE-CU-2022:78-1: Security update of caasp/v4/prometheus

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Jan 27 08:00:51 UTC 2022


SUSE Container Update Advisory: caasp/v4/prometheus
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:78-1
Container Tags        : caasp/v4/grafana:7.5.12 , caasp/v4/grafana:7.5.12-rev3 , caasp/v4/prometheus:7.5.12-rev3-build1.5.424
Container Release     : 1.5.424
Severity              : critical
Type                  : security
References            : 1027496 1029961 1029961 1040589 1047218 1050625 1078466 1084671
                        1106014 1113013 1122417 1125886 1131670 1134353 1141597 1146705
                        1148383 1153687 1154935 1157818 1158812 1158958 1158959 1158960
                        1159491 1159715 1159847 1159850 1160309 1160438 1160439 1161268
                        1162581 1164719 1167471 1169006 1170557 1170657 1171962 1172091
                        1172115 1172234 1172236 1172240 1172308 1172409 1172450 1172973
                        1172974 1173641 1174016 1174436 1174504 1174942 1175448 1175449
                        1175458 1175514 1175519 1175623 1175951 1176201 1176823 1177238
                        1177275 1177427 1177490 1177583 1177884 1177976 1178072 1178219
                        1178236 1178243 1178386 1178554 1178561 1178577 1178624 1178675
                        1178775 1178775 1178823 1178825 1178909 1178910 1178966 1179083
                        1179222 1179363 1179503 1179555 1179566 1179694 1179721 1179816
                        1179824 1179847 1179909 1180020 1180038 1180064 1180073 1180077
                        1180083 1180138 1180225 1180583 1180585 1180596 1180603 1180603
                        1180603 1180663 1180721 1180851 1180885 1180995 1181011 1181124
                        1181328 1181443 1181474 1181505 1181622 1181831 1181874 1181976
                        1182016 1182117 1182279 1182328 1182331 1182333 1182339 1182362
                        1182372 1182408 1182411 1182412 1182413 1182415 1182416 1182417
                        1182418 1182419 1182420 1182603 1182604 1182629 1182791 1182936
                        1183064 1183085 1183094 1183268 1183370 1183371 1183456 1183457
                        1183589 1183628 1183791 1183797 1183803 1183809 1183811 1183813
                        1183933 1183959 1184326 1184358 1184371 1184399 1184401 1184435
                        1184614 1184614 1184690 1184761 1184967 1184994 1184994 1184997
                        1184997 1185016 1185046 1185163 1185239 1185325 1185331 1185408
                        1185408 1185409 1185409 1185410 1185410 1185417 1185438 1185524
                        1185540 1185562 1185698 1185807 1185958 1186015 1186049 1186114
                        1186447 1186489 1186503 1186602 1186910 1187060 1187153 1187210
                        1187212 1187224 1187270 1187273 1187292 1187400 1187425 1187466
                        1187512 1187654 1187738 1187760 1187911 1187993 1188018 1188063
                        1188063 1188156 1188217 1188218 1188219 1188220 1188291 1188344
                        1188435 1188571 1188623 1188713 1188921 1189031 1189206 1189465
                        1189465 1189480 1189521 1189521 1189683 1189803 1189929 1189996
                        1190052 1190059 1190199 1190234 1190325 1190356 1190373 1190374
                        1190440 1190465 1190645 1190712 1190739 1190793 1190815 1190915
                        1190933 1190984 1191194 1191252 1191286 1191324 1191370 1191454
                        1191563 1191609 1191987 1192161 1192248 1192337 1192436 1192688
                        1192717 1192790 1193480 1193481 1193488 1193521 1193688 928700
                        928701 954813 CVE-2015-3414 CVE-2015-3415 CVE-2016-10228 CVE-2017-9271
                        CVE-2018-18623 CVE-2019-15043 CVE-2019-19244 CVE-2019-19317 CVE-2019-19499
                        CVE-2019-19603 CVE-2019-19645 CVE-2019-19646 CVE-2019-19880 CVE-2019-19923
                        CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-19959 CVE-2019-20218
                        CVE-2019-20838 CVE-2019-25013 CVE-2020-12052 CVE-2020-12245 CVE-2020-13379
                        CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632
                        CVE-2020-14155 CVE-2020-15358 CVE-2020-24303 CVE-2020-24370 CVE-2020-24371
                        CVE-2020-25709 CVE-2020-25710 CVE-2020-27618 CVE-2020-29361 CVE-2020-29562
                        CVE-2020-29573 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224
                        CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229
                        CVE-2020-36230 CVE-2020-9327 CVE-2021-20231 CVE-2021-20232 CVE-2021-20305
                        CVE-2021-22876 CVE-2021-22898 CVE-2021-22922 CVE-2021-22923 CVE-2021-22924
                        CVE-2021-22925 CVE-2021-22946 CVE-2021-22947 CVE-2021-23840 CVE-2021-23841
                        CVE-2021-24031 CVE-2021-24032 CVE-2021-27212 CVE-2021-27218 CVE-2021-27219
                        CVE-2021-27358 CVE-2021-27962 CVE-2021-28146 CVE-2021-28147 CVE-2021-28148
                        CVE-2021-3326 CVE-2021-33560 CVE-2021-33574 CVE-2021-33910 CVE-2021-33910
                        CVE-2021-3516 CVE-2021-3516 CVE-2021-3517 CVE-2021-3517 CVE-2021-3518
                        CVE-2021-3518 CVE-2021-3520 CVE-2021-3537 CVE-2021-3541 CVE-2021-3580
                        CVE-2021-35942 CVE-2021-36222 CVE-2021-3712 CVE-2021-3712 CVE-2021-37600
                        CVE-2021-37750 CVE-2021-38185 CVE-2021-38185 CVE-2021-39226 CVE-2021-39537
                        CVE-2021-43618 CVE-2021-43813 
-----------------------------------------------------------------

The container caasp/v4/prometheus was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3853-1
Released:    Wed Dec 16 12:27:27 2020
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1084671,1169006,1174942,1175514,1175623,1178554,1178825
This update for util-linux fixes the following issue:

- Do not trigger the automatic close of CDROM. (bsc#1084671)
- Try to automatically configure broken serial lines. (bsc#1175514)
- Avoid `sulogin` failing on not existing or not functional console devices. (bsc#1175514)
- Build with `libudev` support to support non-root users. (bsc#1169006)
- Avoid memory errors on PowerPC systems with valid hardware configurations. (bsc#1175623, bsc#1178554, bsc#1178825)
- Fix warning on mounts to `CIFS` with mount –a. (bsc#1174942)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3942-1
Released:    Tue Dec 29 12:22:01 2020
Summary:     Recommended update for libidn2
Type:        recommended
Severity:    moderate
References:  1180138
This update for libidn2 fixes the following issues:

- The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later,
  adjusted the RPM license tags (bsc#1180138)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3943-1
Released:    Tue Dec 29 12:24:45 2020
Summary:     Recommended update for libxml2
Type:        recommended
Severity:    moderate
References:  1178823
This update for libxml2 fixes the following issues:

Avoid quadratic checking of identity-constraints, speeding up XML validation (bsc#1178823)
* key/unique/keyref schema attributes currently use quadratic loops
  to check their various constraints (that keys are unique and that
  keyrefs refer to existing keys).
* This fix uses a hash table to avoid the quadratic behaviour.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:129-1
Released:    Thu Jan 14 12:26:15 2021
Summary:     Security update for openldap2
Type:        security
Severity:    moderate
References:  1178909,1179503,CVE-2020-25709,CVE-2020-25710
This update for openldap2 fixes the following issues:

Security issues fixed:

- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).

Non-security issue fixed:

- Retry binds in the LDAP backend when the remote LDAP server disconnected the (idle) LDAP connection. (bsc#1179503)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:220-1
Released:    Tue Jan 26 14:00:51 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1180603
This update for keyutils fixes the following issues:

- Adjust the library license to be LPGL-2.1+ only (the tools are GPL2+, the library is just LGPL-2.1+) (bsc#1180603)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:233-1
Released:    Wed Jan 27 12:15:33 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1141597,1174436,1175458,1177490,1179363,1179824,1180225
This update for systemd fixes the following issues:

- Added a timestamp to the output of the busctl monitor command (bsc#1180225)
- Fixed a NULL pointer dereference bug when attempting to close the journal file handle (bsc#1179824)
- Improved the caching of cgroups member mask (bsc#1175458)
- Fixed the dependency definition of sound.target (bsc#1179363)
- Fixed a bug that could lead to a potential error, when daemon-reload is called between
  StartTransientUnit and scope_start() (bsc#1174436)
- time-util: treat /etc/localtime missing as UTC (bsc#1141597)
- Removed mq-deadline selection from 60-io-scheduler.rules (bsc#1177490)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:265-1
Released:    Mon Feb  1 15:06:45 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1178775,1180885
This update for systemd fixes the following issues:

- Fix for udev creating '/dev/disk/by-label' symlink for 'LUKS2' to avoid mount issues. (bsc#1180885, #8998))
- Fix for an issue when container start causes interference in other containers. (bsc#1178775)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:293-1
Released:    Wed Feb  3 12:52:34 2021
Summary:     Recommended update for gmp
Type:        recommended
Severity:    moderate
References:  1180603
This update for gmp fixes the following issues:

- correct license statements of packages (library itself is no GPL-3.0) (bsc#1180603)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:305-1
Released:    Thu Feb  4 15:00:37 2021
Summary:     Recommended update for libprotobuf
Type:        recommended
Severity:    moderate
References:  

libprotobuf was updated to fix:

- ship the libprotobuf-lite15 on the base products. (jsc#ECO-2911)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:307-1
Released:    Fri Feb  5 05:30:34 2021
Summary:     Recommended update for libselinux
Type:        recommended
Severity:    low
References:  1180603
This update for libselinux fixes the following issues:

- Corrected the license to public domain (bsc#1180603)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:333-1
Released:    Mon Feb  8 10:31:48 2021
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1176823,1177884,1179555,1179566
This update fixes the following issues:

golang-github-prometheus-alertmanager:

- Exclude s390 architecture
- Update packaging
  * Remove systemd and shadow hard requirements
  * use the system user provided by the system-user-prometheus subpackge
  * add 'prometheus-alertmanager' package alias

golang-github-prometheus-prometheus:

- Update to upstream version 2.22.1
- Update packaging
  * Remove systemd and shadow hard requirements
  * use systemd-sysusers to configure the user in a dedicated 'system-user-prometheus' subpackage
  * add 'prometheus' package alias

grafana:

- Update packaging
  * avoid systemd and shadow hard requirements
  * Require the user from a new dedicated 'system-user-grafana' sibling package
  * avoid pinning to a specific Go version in the spec file
- Update to version 7.3.1:
  * Breaking changes
    - CloudWatch: The AWS CloudWatch data source's authentication scheme has changed. See the upgrade notes for details 
      and how this may affect you.
    - Units: The date time units `YYYY-MM-DD HH:mm:ss` and `MM/DD/YYYY h:mm:ss a` have been renamed to `Datetime ISO` 
      and `Datetime US` respectively.
  * Features / Enhancements
    - AzureMonitor: Support decimal (as float64) type in analytics/logs.
    - Add monitoring mixing for Grafana.
    - CloudWatch: Missing Namespace AWS/EC2CapacityReservations.
    - CloudWatch: Add support for AWS DirectConnect virtual interface metrics and add missing dimensions.
    - CloudWatch: Adding support for Amazon ElastiCache Redis metrics.
    - CloudWatch: Adding support for additional Amazon CloudFront metrics.
    - CloudWatch: Re-implement authentication.
    - Elasticsearch: Support multiple pipeline aggregations for a query.
    - Prometheus: Add time range parameters to labels API.
    - Loki: Visually distinguish error logs for LogQL2.
    - Api: Add /healthz endpoint for health checks.
    - API: Enrich add user to org endpoints with user ID in the response.
    - API: Enrich responses and improve error handling for alerting API endpoints.
    - Elasticsearch: Add support for date_nanos type.
    - Elasticsearch: Allow fields starting with underscore.
    - Elasticsearch: Increase maximum geohash aggregation precision to 12.
    - Postgres: Support request cancellation properly (Uses new backendSrv.fetch Observable request API).
    - Provisioning: Remove provisioned dashboards without parental reader.
    - API: Return ID of the deleted resource for dashboard, datasource and folder DELETE endpoints.
    - API: Support paging in the admin orgs list API.
    - API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints.
    - BackendSrv: Uses credentials, deprecates withCredentials & defaults to same-origin.
    - CloudWatch: Update list of AmazonMQ metrics and dimensions.
    - Cloudwatch: Add Support for external ID in assume role.
    - Cloudwatch: Add af-south-1 region.
    - DateFormats: Default ISO & US formats never omit date part even if date is today (breaking change).
    - Explore: Transform prometheus query to elasticsearch query.
    - InfluxDB/Flux: Increase series limit for Flux datasource.
    - InfluxDB: exclude result and table column from Flux table results.
    - InfluxDB: return a table rather than an error when timeseries is missing time.
    - Loki: Add scopedVars support in legend formatting for repeated variables.
    - Loki: Re-introduce running of instant queries.
    - Loki: Support request cancellation properly (Uses new backendSrv.fetch Observable request API).
    - MixedDatasource: Shows retrieved data even if a data source fails.
    - Postgres: Support Unix socket for host.
    - Prometheus: Add scopedVars support in legend formatting for repeated variables.
    - Prometheus: Support request cancellation properly (Uses new backendSrv.fetch Observable request API).
    - Prometheus: add $__rate_interval variable.
    - Table: Adds column filtering.
    - grafana-cli: Add ability to read password from stdin to reset admin password.
    - Variables: enables cancel for slow query variables queries.
    - AzureMonitor: fix panic introduced in 7.1.4 when unit was unspecified and alias was used.
    - TextPanel: Fix content overflowing panel boundaries.
    - Fix golang version = 1.14 to avoid dependency conflicts on some OBS projects
- Update to version 7.0.0
  * Remove phantomJS patch from Makefile

mgr-osad:

- Change the log file permissions as expected by logrotate (bsc#1177884)

spacecmd:

- Fix spacecmd with no parameters produces traceback on SLE 11 SP4 (bsc#1176823)
- Added '-r REVISION' option to the 'configchannel_updateinitsls' command (bsc#1179566)
- Fix: internal: workaround for future tee of logs translation

uyuni-common-libs:

- Section in Debian packages in now treated as optional (bsc#1179555)


-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:339-1
Released:    Mon Feb  8 13:16:07 2021
Summary:     Optional update for pam
Type:        optional
Severity:    low
References:  
This update for pam fixes the following issues:

- Added rpm macros for this package, so that other packages can make use of it

This patch is optional to be installed - it doesn't fix any bugs.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:644-1
Released:    Fri Feb 26 11:21:54 2021
Summary:     Recommended Beta update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1180583,1180585
This update fixes the following issues:

spacecmd:

- Deprecated 'Software Crashes' feature
- Document advanced package search on '--help' (bsc#1180583)
- Fixed advanced search on 'package_listinstalledsystems'
- Fixed duplicate results when using multiple search criteria (bsc#1180585)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:653-1
Released:    Fri Feb 26 19:53:43 2021
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1178386,1179694,1179721,1180038,1181505,1182117,CVE-2019-25013,CVE-2020-27618,CVE-2020-29562,CVE-2020-29573,CVE-2021-3326
This update for glibc fixes the following issues:

- Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)
- x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649)
- gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)
- iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224)
- iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923)
- Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:723-1
Released:    Mon Mar  8 16:45:27 2021
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1182279,1182408,1182411,1182412,1182413,1182415,1182416,1182417,1182418,1182419,1182420,CVE-2020-36221,CVE-2020-36222,CVE-2020-36223,CVE-2020-36224,CVE-2020-36225,CVE-2020-36226,CVE-2020-36227,CVE-2020-36228,CVE-2020-36229,CVE-2020-36230,CVE-2021-27212
This update for openldap2 fixes the following issues:

- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
  X.509 DN parsing in decode.c ber_next_element, resulting in denial
  of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
  parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
  in the Certificate List Exact Assertion processing, resulting in
  denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
  cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
  saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
  in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
  crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
  saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
  Assertion processing, resulting in denial of service (schema_init.c
  serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
  control handling, resulting in denial of service (double free and
  out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
    in the issuerAndThisUpdateCheck function via a crafted packet,
    resulting in a denial of service (daemon exit) via a short timestamp.
    This is related to schema_init.c and checkTime.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:753-1
Released:    Tue Mar  9 17:09:57 2021
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1182331,1182333,CVE-2021-23840,CVE-2021-23841
This update for openssl-1_1 fixes the following issues:

- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:786-1
Released:    Mon Mar 15 11:19:23 2021
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1176201
This update for zlib fixes the following issues:

- Fixed hw compression on z15 (bsc#1176201)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:890-1
Released:    Fri Mar 19 15:51:41 2021
Summary:     Security update for glib2
Type:        security
Severity:    important
References:  1182328,1182362,CVE-2021-27218,CVE-2021-27219
This update for glib2 fixes the following issues:

- CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. (bsc#1182328)

- CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so add a g_memdup2 function which uses gsize to replace it. (bsc#1182362)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:924-1
Released:    Tue Mar 23 10:00:49 2021
Summary:     Recommended update for filesystem
Type:        recommended
Severity:    moderate
References:  1078466,1146705,1175519,1178775,1180020,1180083,1180596,1181011,1181831,1183094
This update for filesystem the following issues:

- Remove duplicate line due to merge error
- Add fix for 'mesa' creating cache with perm 0700. (bsc#1181011) 
- Fixed an issue causing failure during installation/upgrade a failure. (rh#1548403) (bsc#1146705)
- Allows to override config to add cleanup options of '/var/tmp'. (bsc#1078466)
- Create config to cleanup '/tmp' regular required with 'tmpfs'. (bsc#1175519)

This update for systemd fixes the following issues:

- Fix for a possible memory leak. (bsc#1180020)
- Fix for a case when to a bind mounted directory results inactive mount units. (#7811) (bsc#1180596)
- Fixed an issue when starting a container conflicts with another one. (bsc#1178775)
- Drop most of the tmpfiles that deal with generic paths and avoid warnings. (bsc#1078466, bsc#1181831)
- Don't use shell redirections when calling a rpm macro. (bsc#1183094)
- 'systemd' requires 'aaa_base' >= 13.2. (bsc#1180083)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:934-1
Released:    Wed Mar 24 12:18:21 2021
Summary:     Security update for gnutls
Type:        security
Severity:    important
References:  1183456,1183457,CVE-2021-20231,CVE-2021-20232
This update for gnutls fixes the following issues:

- CVE-2021-20232: Fixed a use after free issue which could have led to memory corruption and other potential consequences (bsc#1183456).
- CVE-2021-20231: Fixed a use after free issue which could have led to memory corruption and other potential consequences (bsc#1183457).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:948-1
Released:    Wed Mar 24 14:31:34 2021
Summary:     Security update for zstd
Type:        security
Severity:    moderate
References:  1183370,1183371,CVE-2021-24031,CVE-2021-24032
This update for zstd fixes the following issues:

- CVE-2021-24031: Added read permissions to files while being compressed or uncompressed (bsc#1183371).
- CVE-2021-24032: Fixed a race condition which could have allowed an attacker to access world-readable destination file (bsc#1183370).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:956-1
Released:    Thu Mar 25 19:19:02 2021
Summary:     Security update for libzypp, zypper
Type:        security
Severity:    moderate
References:  1050625,1174016,1177238,1177275,1177427,1177583,1178910,1178966,1179083,1179222,1179816,1179847,1179909,1180077,1180663,1180721,1181328,1181622,1182629,CVE-2017-9271
This update for libzypp, zypper fixes the following issues:

Update zypper to version 1.14.43:

- doc: give more details about creating versioned package locks
  (bsc#1181622)
- man: Document synonymously used patch categories (bsc#1179847)
- Fix source-download commands help (bsc#1180663)
- man: Recommend to use the --non-interactive global option rather than the command option -y (bsc#1179816)
- Extend apt packagemap (fixes #366)
- --quiet: Fix install summary to write nothing if there's nothing todo (bsc#1180077)
- Prefer /run over /var/run.

Update libzypp to 17.25.8:

- Try to provide a mounted /proc in --root installs (bsc#1181328)
  Some systemd tools require /proc to be mounted and fail if it's
  not there.
- Enable release packages to request a releaxed suse/opensuse
  vendorcheck in dup when migrating. (bsc#1182629)
- Patch: Identify well-known category names (bsc#1179847)
  This allows to use the RH and SUSE patch categrory names
  synonymously:
  (recommended = bugfix) and (optional = feature = enhancement).
- Add missing includes for GCC 11 compatibility.
- Fix %posttrans script execution (fixes #265)
  The scripts are execuable. No need to call them through 'sh -c'.
- Commit: Fix rpmdb compat symlink in case rpm got removed.
- Repo: Allow multiple baseurls specified on one line (fixes #285)
- Regex: Fix memory leak and undefined behavior.
- Add rpm buildrequires for test suite (fixes #279)
- Use rpmdb2solv new -D switch to tell the location ob the
  rpmdatabase to use.
- CVE-2017-9271: Fixed information leak in the log file (bsc#1050625 bsc#1177583)
- RepoManager: Force refresh if repo url has changed (bsc#1174016)
- RepoManager: Carefully tidy up the caches. Remove non-directory entries. (bsc#1178966)
- RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe (bsc#1177427).
- RpmDb: If no database exists use the _dbpath configured in rpm.  Still makes sure a compat
  symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. (bsc#1178910)
- Fixed update of gpg keys with elongated expire date (bsc#1179222)
- needreboot: remove udev from the list (bsc#1179083)
- Fix lsof monitoring (bsc#1179909)
- Rephrase solver problem descriptions (jsc#SLE-8482)
- Adapt to changed gpg2/libgpgme behavior (bsc#1180721)
- Multicurl backend breaks with with unknown filesize (fixes #277)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1004-1
Released:    Thu Apr  1 15:07:09 2021
Summary:     Recommended update for libcap
Type:        recommended
Severity:    moderate
References:  1180073
This update for libcap fixes the following issues:

- Added support for the ambient capabilities (jsc#SLE-17092, jsc#ECO-3460)
- Changed the license tag from 'BSD-3-Clause and GPL-2.0' to 'BSD-3-Clause OR GPL-2.0-only' (bsc#1180073)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1141-1
Released:    Mon Apr 12 13:13:36 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    low
References:  1182791
This update for openldap2 fixes the following issues:

- Improved the proxy connection timeout options to prune connections properly (bsc#1182791)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1169-1
Released:    Tue Apr 13 15:01:42 2021
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  1181976
This update for procps fixes the following issues:

- Corrected a statement in the man page about processor pinning via taskset (bsc#1181976)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1230-1
Released:    Thu Apr 15 17:09:58 2021
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1131670,1178072,1181124,1181474,1182339,1182603,1183959

This update fixes the following issues:

golang-github-boynux-squid_exporter:

- Build requires Go 1.15
- Add %license macro for LICENSE file 

golang-github-lusitaniae-apache_exporter:

- Build with Go 1.15

golang-github-prometheus-prometheus:

- Uyuni: `hostname` label is now set to FQDN instead of IP

grafana:

- Update to version 7.4.2:
  * Make Datetime local (No date if today) working (#31274) (#31275)
  * 'Release: Updated versions in package to 7.4.2' (#31272)
  * [v7.4.x] Chore: grafana-toolkit uses grafana-ui and grafana-data workspaces (#31269)
  * Snapshots: Disallow anonymous user to create snapshots (#31263) (#31266)
  * only update usagestats every 30min (#31131) (#31262)
  * Prometheus: Fix enabling of disabled queries when editing in dashboard (#31055) (#31248)
  * CloudWatch: Ensure empty query row errors are not passed to the panel (#31172) (#31245)
  * StatPanels: Fixes to palette color scheme is not cleared when loading panel (#31126) (#31246)
  * QueryEditors: Fixes issue that happens after moving queries then editing would update other queries (#31193) (#31244)
  * LibraryPanels: Disconnect before connect during dashboard save (#31235) (#31238)
  * SqlDataSources: Fixes the Show Generated SQL button in query editors (#31236) (#31239)
  * Variables: Adds back default option for data source variable (#31208) (#31232)
  * IPv6: Support host address configured with enclosing square brackets (#31226) (#31228)
  * Postgres: Fix timeGroup macro converts long intervals to invalid numbers when TimescaleDB is enabled (#31179) (#31224)
  * Remove last synchronisation field from LDAP debug view (#30984) (#31221)
  * [v7.4.x]: Sync drone config from master to stable release branch (#31213)
  * DataSourceSrv: Filter out non queryable data sources by default (#31144) (#31214)
  * Alerting: Fix modal text for deleting obsolete notifier (#31171) (#31209)
  * Variables: Fixes missing empty elements from regex filters (#31156) (#31201)
  * DashboardLinks: Fixes links always cause full page reload (#31178) (#31181)
  * DashboardListPanel: Fixes issue with folder picker always showing All and using old form styles (#31160) (#31162)
  * Permissions: Fix team and role permissions on folders/dashboards not displayed for non Grafana Admin users (#31132) (#31176)
  * Prometheus: Multiply exemplars timestamp to follow api change (#31143) (#31170)
- Added add-gotest-module.patch to fix 'inconsistent vendoring' build failure
- Update to version 7.4.1:
  * 'Release: Updated versions in package to 7.4.1' (#31128)
  * Transforms: Fixes Outer join issue with duplicate field names not getting the same unique field names as before  (#31121) (#31127)
  * MuxWriter: Handle error for already closed file (#31119) (#31120)
  * Logging: sourcemap transform asset urls from CDN in logged stacktraces (#31115) (#31117)
  * Exemplars: Change CTA style (#30880) (#31105)
  * test: add support for timeout to be passed in for addDatasource (#30736) (#31090)
  * Influx: Make max series limit configurable and show the limiting message if applied (#31025) (#31100)
  * Elasticsearch: fix log row context erroring out (#31088) (#31094)
  * test: update addDashboard flow for v7.4.0 changes (#31059) (#31084)
  * Usage stats: Adds source/distributor setting (#31039) (#31076)
  * DashboardLinks: Fixes crash when link has no title (#31008) (#31050)
  * Make value mappings correctly interpret numeric-like strings (#30893) (#30912)
  * Elasticsearch: Fix alias field value not being shown in query editor (#30992) (#31037)
  * BarGauge: Improvements to value sizing and table inner width calculations  (#30990) (#31032)
  * convert path to posix by default (#31045) (#31053)
  * Alerting: Fixes so notification channels are properly deleted (#31040) (#31046)
  * Drone: Fix deployment image (#31027) (#31029)
  * Graph: Fixes so graph is shown for non numeric time values (#30972) (#31014)
  * instrumentation: make the first database histogram bucket smaller (#30995) (#31001)
  * Build: Releases e2e and e2e-selectors too (#31006) (#31007)
  * TextPanel: Fixes so panel title is updated when variables change (#30884) (#31005)
  * StatPanel: Fixes issue formatting date values using unit option (#30979) (#30991)
  * Units: Fixes formatting of duration units (#30982) (#30986)
  * Elasticsearch: Show Size setting for raw_data metric (#30980) (#30983)
  * Logging: sourcemap support for frontend stacktraces (#30590) (#30976)
  * e2e: extends selector factory to plugins (#30932) (#30934)
  * Variables: Adds queryparam formatting option (#30858) (#30924)
  * Exemplars: change api to reflect latest changes (#30910) (#30915)
  * 'Release: Updated versions in package to 7.4.0' (#30898)
  * DataSourceSettings: Adds info box and link to Grafana Cloud (#30891) (#30896)
  * GrafanaUI: Add a way to persistently close InfoBox (#30716) (#30895)
  * [7.4.x] AlertingNG: List saved Alert definitions in Alert Rule list (30890)(30603)
  * Alerting: Fixes alert panel header icon not showing (#30840) (#30885)
  * Plugins: Requests validator (#30445) (#30877)
  * PanelLibrary: Adds library panel meta information to dashboard json (#30770) (#30883)
  * bump grabpl version to 0.5.36 (#30874) (#30878)
  * Chore: remove __debug_bin (#30725) (#30857)
  * Grafana-ui: fixes closing modals with escape key (#30745) (#30873)
  * DashboardLinks: Support variable expression in to tooltip - Issue #30409 (#30569) (#30852)
  * Add alt text to plugin logos (#30710) (#30872)
  * InfluxDB: Add http configuration when selecting InfluxDB v2 flavor  (#30827) (#30870)
  * Prometheus: Set type of labels to string (#30831) (#30835)
  * AlertingNG: change API permissions (#30781) (#30814)
  * Grafana-ui: fixes no data message in Table component (#30821) (#30855)
  * Prometheus: Add tooltip to explain possibility to use patterns in text and title fields in annotations (#30825) (#30843)
  * Chore: add more docs annotations (#30847) (#30851)
  * BarChart: inside-align strokes, upgrade uPlot to 1.6.4. (#30806) (#30846)
  * Transforms: allow boolean in field calculations (#30802) (#30845)
  * CDN: Fixes cdn path when Grafana is under sub path (#30822) (#30823)
  * bump cypress to 6.3.0 (#30644) (#30819)
  * Expressions: Measure total transformation requests and elapsed time (#30514) (#30789)
  * Grafana-UI: Add story/docs for ErrorBoundary (#30304) (#30811)
  * [v7.4.x]: Menu: Mark menu components as internal (#30801)
  * Graph: Fixes auto decimals issue in legend and tooltip (#30628) (#30635)
  * GraphNG: Disable Plot logging by default (#30390) (#30500)
  * Storybook: Migrate card story to use controls  (#30535) (#30549)
  * GraphNG: add bar alignment option (#30499) (#30790)
  * Variables: Clears drop down state when leaving dashboard (#30810) (#30812)
  * Add missing callback dependency (#30797) (#30809)
  * GraphNG: improve behavior when switching between solid/dash/dots (#30796) (#30799)
  * Add width for Variable Editors (#30791) (#30795)
  * Panels: Fixes so panels are refreshed when scrolling past them fast (#30784) (#30792)
  * PanelEdit: Trigger refresh when changing data source (#30744) (#30767)
  * AlertingNG: Enable UI to Save Alert Definitions (#30394) (#30548)
  * CDN: Fix passing correct prefix to GetContentDeliveryURL (#30777) (#30779)
  * CDN: Adds support for serving assets over a CDN (#30691) (#30776)
  * Explore: Update styling of buttons (#30493) (#30508)
  * Loki: Append refId to logs uid (#30418) (#30537)
  * skip symlinks to directories when generating plugin manifest (#30721) (#30738)
  * Mobile: Fixes issue scrolling on mobile in chrome (#30746) (#30750)
  * BarChart: add alpha bar chart panel (#30323) (#30754)
  * Datasource: Use json-iterator configuration compatible with standard library (#30732) (#30739)
  * Variables: Fixes so text format will show All instead of custom all (#30730) (#30731)
  * AlertingNG: pause/unpause definitions via the API (#30627) (#30672)
  * PanelLibrary: better handling of deleted panels (#30709) (#30726)
  * Transform: improve the 'outer join' performance/behavior (#30407) (#30722)
  * DashboardPicker: switch to promise-based debounce, return dashboard UID (#30706) (#30714)
  * Use connected GraphNG in Explore (#30707) (#30708)
  * PanelLibrary: changes casing of responses and adds meta property (#30668) (#30711)
  * DeployImage: Switch base images to Debian (#30684) (#30699)
  * Trace: trace to logs design update (#30637) (#30702)
  * Influx: Show all datapoints for dynamically windowed flux query (#30688) (#30703)
  * ci(npm-publish): add missing github package token to env vars (#30665) (#30673)
  * Loki: Improve live tailing errors and fix Explore's logs container type errors (#30517) (#30681)
  * Grafana-UI: Fix setting default value for MultiSelect (#30671) (#30687)
  * Explore: Fix jumpy live tailing (#30650) (#30677)
  * Docs: Refer to product docs in whats new for alerting templating feature (#30652) (#30670)
  * Variables: Fixes display value when using capture groups in regex (#30636) (#30661)
  * Docs: Fix expressions enabled description (#30589) (#30651)
  * Licensing Docs: Adding license restrictions docs (#30216) (#30648)
  * DashboardSettings: fixes vertical scrolling (#30640) (#30643)
  * chore: bump redux toolkit to 1.5.0 for immer 8.0.1 vulnerability fix (#30605) (#30631)
  * Explore: Fix loading visualisation on the top of the new time series panel (#30553) (#30557)
  * Footer: Fixes layout issue in footer  (#30443) (#30494)
  * Variables: Fixes so queries work for numbers values too (#30602) (#30624)
  * Admin: Fixes so form values are filled in from backend (#30544) (#30623)
  * Docs: Update 7.4 What's New to use more correct description of alerting notification template feature (#30502) (#30614)
  * NodeGraph: Add docs (#30504) (#30613)
  * Cloud Monitoring: Fix legend naming with display name override (#30440) (#30503)
  * Expressions: Add option to disable feature (#30541) (#30558)
  * OldGraph: Fix height issue in Firefox (#30565) (#30582)
  * XY Chart: fix editor error with empty frame (no fields) (#30573) (#30577)
  * XY Chart: share legend config with timeseries (#30559) (#30566)
  * DataFrame: cache frame/field index in field state (#30529) (#30560)
  * Prometheus: Fix show query instead of Value if no __name__ and metric (#30511) (#30556)
  * Decimals: Big Improvements to auto decimals and fixes to auto decimals bug found in 7.4-beta1  (#30519) (#30550)
  * chore: update packages dependent on dot-prop to fix security vulnerability (#30432) (#30487)
  * GraphNG: uPlot 1.6.3 (fix bands not filling below 0). close #30523. (#30527) (#30528)
  * GraphNG: uPlot 1.6.2 (#30521) (#30522)
  * Chore: Upgrade grabpl version (#30486) (#30513)
  * grafana/ui: Fix internal import from grafana/data (#30439) (#30507)
  * prevent field config from being overwritten (#30437) (#30442)
  * Chore: upgrade NPM security vulnerabilities (#30397) (#30495)
  * TimeSeriesPanel: Fixed default value for gradientMode (#30484) (#30492)
  * Admin: Fixes so whole org drop down is visible when adding users to org (#30481) (#30497)
  * Chore: adds wait to e2e test (#30488) (#30490)
  * Graph: Fixes so only users with correct permissions can add annotations (#30419) (#30466)
  * Alerting: Hides threshold handle for percentual thresholds (#30431) (#30467)
  * Timeseries: only migrage point size when configured (#30461) (#30470)
  * Expressions: Fix button icon (#30444) (#30450)
  * PanelModel: Make sure the angular options are passed to react panel type changed handler (#30441) (#30451)
  * Docs: Fix img link for alert notification template (#30436) (#30447)
  * Chore: Upgrade build pipeline tool (#30456) (#30457)
  * PanelOptions: Refactoring applying panel and field options out of PanelModel and add property clean up for properties not in field config registry  (#30389) (#30438)
  * 'Release: Updated versions in package to 7.4.0-beta.1' (#30427)
  * Chore: Update what's new URL (#30423)
  * GraphNG: assume uPlot's series stroke is always a function (#30416)
  * PanelLibrary: adding library panels to Dashboard Api (#30278)
  * Prettier: Fixes to files that came in after main upgrade (#30410)
  * Cloud Monitoring: Add curated dashboards for the most popular GCP services (#29930)
  *  Mssql integrated security (#30369)
  * Prettier: Upgrade to 2  (#30387)
  * GraphNG: sort ascending if the values appear reversed (#30405)
  * Docs: Grafana whats new 7.4 (#30404)
  * Dashboards: Adds cheat sheet toggle to supported query editors (#28857)
  * Docs: Update timeseries-dimensions.md (#30403)
  * Alerting: Evaluate data templating in alert rule name and message (#29908)
  * Docs: Add links to 7.3 patch release notes (#30292)
  * Docs: Update _index.md (#29546)
  * Docs: Update jaeger.md (#30401)
  * Expressions: Remove feature toggle (#30316)
  * Docs: Update tempo.md (#30399)
  * Docs: Update zipkin.md (#30400)
  * services/provisioning: Various cleanup (#30396)
  * DashboardSchemas: OpenAPI Schema Generation (#30242)
  * AlertingNG: Enforce unique alert definition title (non empty)/UID per organisation (#30380)
  * Licensing: Document new v7.4 options and APIs (#30217)
  * Auth: add expired token error and update CreateToken function (#30203)
  * NodeGraph: Add node graph visualization (#29706)
  * Add jwtTokenAuth to plugin metadata schema (#30346)
  * Plugins: Force POSIX style path separators for manifest generation (#30287)
  * Add enterprise reporting fonts to gitignore (#30385)
  * Field overrides: skipping overrides for properties no longer existing in plugin (#30197)
  * NgAlerting: View query result (#30218)
  * Grafana-UI: Make Card story public (#30388)
  * Dashboard: migrate version history list (#29970)
  * Search: use Card component (#29892)
  * PanelEvents: Isolate more for old angular query editors (#30379)
  * Loki: Remove showing of unique labels with the empty string value (#30363)
  * Chore: Lint all files for no-only-tests (#30364)
  * Clears errors after running new query (#30367)
  * Prometheus: Change exemplars endpoint (#30378)
  * Explore: Fix a bug where Typeahead crashes when a large amount of ite… (#29637)
  * Circular vector: improve generics (#30375)
  * Update signing docs (#30296)
  * Email: change the year in templates (#30294)
  * grafana/ui: export TLS auth component (#30320)
  * Query Editor: avoid word wrap (#30373)
  * Transforms: add sort by transformer (#30370)
  * AlertingNG: Save alert instances (#30223)
  * GraphNG: Color series from by value scheme & change to fillGradient to gradientMode  (#29893)
  * Chore: Remove not used PanelOptionsGrid component (#30358)
  * Zipkin: Remove browser access mode (#30360)
  * Jaeger: Remove browser access mode (#30349)
  * chore: bump lodash to 4.17.20 (#30359)
  * ToolbarButton: New emotion based component to replace all navbar, DashNavButton and scss styles (#30333)
  * Badge: Increase contrast, remove rocket icon for plugin beta/alpha state (#30357)
  * Licensing: Send map of environment variables to plugins (#30347)
  * Dashboards: Exit to dashboard when deleting panel from panel view / edit view (#29032)
  * Cloud Monitoring: MQL support (#26551)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0-beta1 (#30348)
  * Panel options UI: Allow collapsible categories (#30301)
  * Grafana-ui: Fix context menu item always using onClick instead of href (#30350)
  * Badge: Design improvement & reduce contrast (#30328)
  * make sure stats are added horizontally and not vertically (#30106)
  * Chore(deps): Bump google.golang.org/grpc from 1.33.1 to 1.35.0 (#30342)
  * Chore(deps): Bump github.com/stretchr/testify from 1.6.1 to 1.7.0 (#30341)
  * Chore(deps): Bump github.com/google/uuid from 1.1.2 to 1.1.5 (#30340)
  * Chore(deps): Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1 (#30339)
  * Fix HTML character entity error (#30334)
  * GraphNG: fix fillBelowTo regression (#30330)
  * GraphNG: implement softMin/softMax for auto-scaling stabilization. close #979. (#30326)
  * Legend: Fixes right y-axis legend from being pushed outside the bounds of the panel (#30327)
  * Grafana-toolkit: Update component generator templates (#30306)
  * Panels: remove beta flag from stat and bargauge panels (#30324)
  * GraphNG: support fill below to (bands) (#30268)
  * grafana-cli: Fix security issue (#28888)
  * AlertingNG: Modify queries and transform endpoint to get datasource UIDs (#30297)
  * Chore: Fix missing property from ExploreGraph (#30315)
  * Prometheus: Add support for Exemplars (#28057)
  * Grafana-UI: Enhances for TimeRangePicker and TimeRangeInput (#30102)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0 (#30312)
  * Table: Fixes BarGauge cell display mode font size so that it is fixed to the default cell font size (#30303)
  * AngularGraph: Fixes issues with legend wrapping after legend refactoring (#30283)
  * Plugins: Add Open Distro to the list of data sources supported by sigv4 (#30308)
  * Chore: Moves common and response into separate packages (#30298)
  * GraphNG: remove y-axis position control from series color picker in the legend (#30302)
  * Table: migrate old-table config to new table config (#30142)
  * Elasticsearch: Support extended stats and percentiles in terms order by (#28910)
  * Docs: Update release notes index
  * GraphNG: stats in legend (#30251)
  * Grafana UI: EmptySearchResult docs (#30281)
  * Plugins: Use the includes.path (if exists) on sidebar includes links (#30291)
  * Fix spinner and broken buttons (#30286)
  * Graph: Consider reverse sorted data points on isOutsideRange check (#30289)
  * Update getting-started.md (#30257)
  * Backend: use sdk version (v0.81.0) without transform (gel) code (#29236)
  * Chore: update latest versions to 7.3.7 (#30282)
  * Loki: Fix hiding of series in table if labels have number values (#30185)
  * Loki: Lower min step to 1ms (#30135)
  * Prometheus: Improve autocomplete performance and remove disabling of dynamic label lookup (#30199)
  * Icons: Adds custom icon support ands new panel and interpolation icons (#30277)
  * ReleaseNotes: Updated changelog and release notes for 7.3.7 (#30280)
  * Grafana-ui: Allow context menu items to be open in new tab (#30141)
  * Cloud Monitoring: Convert datasource to use Dataframes (#29830)
  * GraphNG: added support to change series color from legend. (#30256)
  * AzureMonitor: rename labels for query type dropdown (#30143)
  * Decimals: Improving auto decimals logic for high numbers and scaled units  (#30262)
  * Elasticsearch: Use minimum interval for alerts (#30049)
  * TimeSeriesPanel: The new graph panel now supports y-axis value mapping #30272
  * CODEOWNERS: Make backend squad owners of backend style guidelines (#30266)
  * Auth: Add missing request headers to SigV4 middleware allowlist (#30115)
  * Grafana-UI: Add story/docs for FilterPill (#30252)
  * Grafana-UI: Add story/docs for Counter (#30253)
  * Backend style guide: Document JSON guidelines (#30267)
  * GraphNG: uPlot 1.6, hide 'Show points' in Points mode, enable 'dot' lineStyle (#30263)
  * Docs: Update prometheus.md (#30240)
  * Docs: Cloudwatch filter should be JSON format (#30243)
  * API: Add by UID routes for data sources  (#29884)
  * Docs: Update datasource_permissions.md (#30255)
  * Cloudwatch: Move deep link creation to the backend (#30206)
  * Metrics API: Use jsoniter for JSON encoding (#30250)
  * Add option in database config to skip migrations for faster startup. (#30146)
  * Set signed in users email correctly (#30249)
  * Drone: Upgrade build pipeline tool (#30247)
  * runRequest: Fixes issue with request time range and time range returned to panels are off causing data points to be cut off (outside) (#30227)
  * Elasticsearch: fix handling of null values in query_builder (#30234)
  * Docs: help users connect to Prometheus using SigV4 (#30232)
  * Update documentation-markdown-guide.md (#30207)
  * Update documentation-markdown-guide.md (#30235)
  * Better logging of plugin scanning errors (#30231)
  * Print Node.js and Toolkit versions (#30230)
  * Chore: bump rollup across all packages (#29486)
  * Backend style guide: Document database patterns (#30219)
  * Chore: Bump plugin-ci-alpine Docker image version (#30225)
  * Legends: Refactoring and rewrites of legend components to simplify components & reuse (#30165)
  * Use Node.js 14.x in plugin CI (#30209)
  * Field overrides: extracting the field config factory into its own reusable module. (#30214)
  * LibraryPanels: adds connections (#30212)
  * PanelOptionsGroups: Only restore styles from PanelOptionsGroup (#30215)
  * Variables: Add deprecation warning for value group tags (#30160)
  * GraphNG: Hide grid for right-y axis if left x-axis exists (#30195)
  * Middleware: Add CSP support (#29740)
  * Updated image links to have newer format. (#30208)
  * Docs: Update usage-insights.md (#30150)
  * Share panel dashboard add images (#30201)
  * Update documentation-style-guide.md (#30202)
  * Docs: Fix links to transforms (#30194)
  * docs(badge): migrate story to use controls (#30180)
  * Chore(deps): Bump github.com/prometheus/common from 0.14.0 to 0.15.0 (#30188)
  * Fix alert definition routine stop (#30117)
  * Chore(deps): Bump gopkg.in/square/go-jose.v2 from 2.4.1 to 2.5.1 (#30189)
  * InlineSwitch: Minor story fix (#30186)
  * Chore(deps): Bump github.com/gosimple/slug from 1.4.2 to 1.9.0 (#30178)
  * Chore(deps): Bump github.com/fatih/color from 1.9.0 to 1.10.0 (#30183)
  * Chore(deps): Bump github.com/lib/pq from 1.3.0 to 1.9.0 (#30181)
  * Chore(deps): Bump github.com/hashicorp/go-plugin from 1.2.2 to 1.4.0 (#30175)
  * Chore(deps): Bump github.com/getsentry/sentry-go from 0.7.0 to 0.9.0 (#30171)
  * Gauge: Fixes issue with all null values cause min & max to be null (#30156)
  * Links: Add underline on hover for links in NewsPanel (#30166)
  * GraphNG: Update to test dashboards (#30153)
  * CleanUp: Removed old panel options group component (#30157)
  * AngularQueryEditors: Fixes to Graphite query editor and other who refer to other queries (#30154)
  * Chore(deps): Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 (#30172)
  * Chore(deps): Bump github.com/urfave/cli/v2 from 2.1.1 to 2.3.0 (#30173)
  * Chore: Fix spelling issue (#30168)
  * Revise README.md. (#30145)
  * Chore(deps): Bump github.com/mattn/go-sqlite3 from 1.11.0 to 1.14.6 (#30174)
  * InlineSwitch: Added missing InlineSwitch component and fixed two places that used unaligned inline switch (#30162)
  * GraphNG: add new alpha XY Chart  (#30096)
  * Elastic: Support request cancellation properly (Uses new backendSrv.fetch Observable request API) (#30009)
  * OpenTSDB: Support request cancellation properly (#29992)
  * InfluxDB: Update Flux external link (#30158)
  * Allow dependabot to keep go packages up-to-date (#30170)
  * PluginState: Update comment
  * GraphNG: Minor polish & updates to new time series panel and move it from alpha to beta (#30163)
  * Share panel dashboard (#30147)
  * GraphNG: rename 'graph3' to 'timeseries' panel (#30123)
  * Add info about access mode (#30137)
  * Prometheus: Remove running of duplicated metrics query (#30108)
  * Prometheus: Fix autocomplete does not work on incomplete input (#29854)
  * GraphNG: remove graph2 panel (keep the parts needed for explore) (#30124)
  * Docs: Add metadata to activating licensing page (#30140)
  * MixedDataSource: Added missing variable support flag (#30110)
  * AngularPanels: Fixes issue with some panels not rendering when going into edit mode due to no height (#30113)
  * AngularPanels: Fixes issue with discrete panel that used the initialized event (#30133)
  * Explore: Make getFieldLinksForExplore more reusable (#30134)
  * Elasticsearch: Add Support for Serial Differencing Pipeline Aggregation (#28618)
  * Angular: Fixes issue with angular directive caused by angular upgrade in master (#30114)
  * Analytics: add data source type in data-request events (#30087)
  * GraphNG: 'Interpolation: Step after' test (#30127)
  * GraphNG: check cross-axis presence when auto-padding. close #30121. (#30126)
  * Alerting: improve alerting default datasource search when extracting alerts (#29993)
  * Loki: Timeseries should not produce 0-values for missing data (#30116)
  * GraphNG: support dashes (#30070)
  * GraphNG: fix spanGaps optimization in alignDataFrames(). see #30101. (#30118)
  * Alerting NG: update API to expect UIDs instead of IDs (#29896)
  * GraphNG: Overhaul of main test dashboard and update to null & gaps dashboard (#30101)
  * Chore: Fix intermittent time-related test failure in explore datasource instance update (#30109)
  * QueryEditorRow: Ability to change query name (#29779)
  * Frontend: Failed to load application files message improvement IE11 (#30011)
  * Drone: Upgrade build pipeline tool (#30104)
  * Fix phrasing. (#30075)
  * Chore: Add CloudWatch HTTP API tests (#29691)
  * Elastic: Fixes so templating queries work (#30003)
  * Chore: Rewrite elasticsearch client test to standard library (#30093)
  * Chore: Rewrite tsdb influxdb test to standard library (#30091)
  * Fix default maximum lifetime  an authenticated user can be logged in (#30030)
  * Instrumentation: re-enable database wrapper feature to expose counter and histogram for database queries (#29662)
  * Docs: Update labels to fields transform (#30086)
  * GraphNG: adding possibility to toggle tooltip, graph and legend for series (#29575)
  * Chore: Rewrite tsdb cloudmonitoring test to standard library (#30090)
  * Chore: Rewrite tsdb azuremonitor time grain test to standard library (#30089)
  * Chore: Rewrite tsdb graphite test to standard library (#30088)
  * Chore: Upgrade Docker build image wrt. Go/golangci-lint/Node (#30077)
  * Usage Stats: Calculate concurrent users as a histogram (#30006)
  * Elasticsearch: Fix broken alerting when using pipeline aggregations (#29903)
  * Drone: Fix race conditions between Enterprise and Enterprise2 (#30076)
  * Chore: Rewrite models datasource cache test to standard library (#30040)
  * Plugins: prevent app plugin from rendering with wrong location (#30017)
  * Update NOTICE.md
  * Chore: Tiny typo fix `rage` -> `range` (#30067)
  * Docs: loki.md: Add example of Loki data source config (#29976)
  * ReleaseNotes: Updated changelog and release notes for 7.3.6 (#30066)
  * Docs: Update usage-insights.md (#30065)
  * Docs: Update white-labeling.md (#30064)
  * Chore(deps): Bump axios from 0.19.2 to 0.21.1 (#30059)
  * Chore: Rewrite models tags test to standard library (#30041)
  * Bump actions/setup-node from v1 to v2.1.4 (#29891)
  * Build(deps): Bump ini from 1.3.5 to 1.3.7 (#29787)
  * fall back to any architecture when getting plugin's checksum #30034 (#30035)
  * Lerna: Update to 3.22.1 (#30057)
  * SeriesToRows: Fixes issue in transform so that value field is always named Value (#30054)
  * [dashboard api] manage error when data in dashboard table is not valid json (#29999)
  * use sha256 checksum instead of md5 (#30018)
  * Chore: Rewrite brute force login protection test to standard library (#29986)
  * Chore: Rewrite login auth test to standard library (#29985)
  * Chore: Rewrite models dashboards test to standard library (#30023)
  * Chore: Rewrite models dashboard acl test to standard library (#30022)
  * Chore: Rewrite models alert test to standard library (#30021)
  * Chore: Rewrite ldap login test to standard library (#29998)
  * Chore: Rewrite grafana login test to standard library (#29997)
  * Fix two ini-file typos regarding LDAP (#29843)
  * Chore: Changes source map devtool to inline-source-map (#30004)
  * Chore: Sync Enterprise go.sum (#30005)
  * Chore: Add Enterprise dependencies (#29994)
  * SQLStore: customise the limit of retrieved datasources per organisation (#29358)
  * Chore: update crewjam/saml library to the latest master (#29991)
  * Graph: Fixes so users can not add annotations in readonly dash (#29990)
  * Currency: add Vietnamese dong (VND) (#29983)
  * Drone: Update pipelines for Enterprise (#29939)
  * Remove the bus from teamgroupsync (#29810)
  * Influx: Make variable query editor input uncontrolled (#29968)
  * PanelLibrary: Add PATCH to the API (#29956)
  * PanelEvents: Isolating angular panel events into it's own event bus + more event refactoring  (#29904)
  * Bump node-notifier from 8.0.0 to 8.0.1 (#29952)
  * LDAP: Update use_ssl documentation (#29964)
  * Docs: Missing 's' on 'logs' (#29966)
  * Docs: Update opentsdb.md (#29963)
  * Docs: Minor typo correction (#29962)
  * librarypanels: Fix JSON field casing in tests (#29954)
  * TemplateSrv: Do not throw  error for an unknown format but use glob as fallback and warn in the console (#29955)
  * PanelLibrary: Adds uid and renames title to name (#29944)
  * Docs: Fix raw format variable docs (#29945)
  * RedirectResponse: Implement all of api.Response (#29946)
  * PanelLibrary: Adds get and getAll to the api (#29772)
  * Chore: Remove duplicate interpolateString test (#29941)
  * Chore: Rewrite influxdb query parser test to standard library (#29940)
  * Folders: Removes the possibility to delete the General folder (#29902)
  * Chore: Convert tsdb request test to standard library (#29936)
  * Chore: Convert tsdb interval test to standard library (#29935)
  * Docs: Update configuration.md (#29912)
  * Docs: Update organization_roles.md (#29911)
  * Docs: Update _index.md (#29918)
  * GraphNG: bring back tooltip (#29910)
  * Ng Alerting: Remove scroll and fix SplitPane limiters (#29906)
  * Dashboard: Migrating dashboard settings to react (#27561)
  * Minor correction to explanation on correct MS SQL usage. (#29889)
  * AlertingNG: Create a scheduler to evaluate alert definitions (#29305)
  * Add changelog items for 7.3.6, 7.2.3 and 6.7.5 (#29901)
  * bump stable to 7.3.6 (#29899)
  * Upgrade go deps.  (#29900)
  * Expressions: Replace query input fields with select. (#29816)
  * PanelEdit: Update UI if panel plugin changes field config (#29898)
  * Elasticsearch: Remove timeSrv dependency (#29770)
  * PanelEdit: Need new data after plugin change (#29874)
  * Chore(toolkit): disable react/prop-types for eslint config (#29888)
  * Field Config API: Add ability to hide field option or disable it from the overrides (#29879)
  * SharedQuery: Fixes shared query editor now showing queries (#29849)
  * GraphNG: support fill gradient (#29765)
  * Backend style guide: Add more guidelines (#29871)
  * Keep query keys consistent (#29855)
  * Alerting: Copy frame field labels to time series tags (#29886)
  * Update configure-docker.md (#29883)
  * Usage Stats: Introduce an interface for usage stats service (#29882)
  * DataFrame: add a writable flag to fields (#29869)
  * InlineForms: Changes to make inline forms more flexible for query editors  (#29782)
  * Usage Stats: Allow to add additional metrics to the stats (#29774)
  * Fix the broken link of XORM documentation (#29865)
  * Move colors demo under theme colors (#29873)
  * Dashboard: Increase folder name size in search dashboard (#29821)
  * MSSQL: Config UI touches (#29834)
  * QueryOptions:  Open QueryEditors: run queries after changing group options #29864
  * GraphNG: uPlot 1.5.2, dynamic stroke/fill, Flot-style hover points (#29866)
  * Variables: Fixes so numerical sortorder works for options with null values (#29846)
  * GraphNG: only initialize path builders once (#29863)
  * GraphNG: Do not set fillColor from GraphNG only opacity (#29851)
  * add an example cloudwatch resource_arns() query that uses multiple tags (ref: #29499) (#29838)
  * Backend: Remove more globals (#29644)
  * MS SQL: Fix MS SQL add data source UI issues (#29832)
  * Display palette and colors for dark and light themes in storybook (#29848)
  * Docs: Fix broken link in logs-panel (#29833)
  * Docs: Add info about typing of connected props to Redux style guide (#29842)
  * Loki: Remove unnecessary deduplication (#29421)
  * Varibles: Fixes so clicking on Selected will not include All (#29844)
  * Explore/Logs: Correctly display newlines in detected fields (#29541)
  * Link suppliers: getLinks API update (#29757)
  * Select: Changes default menu placement for Select from auto to bottom (#29837)
  * Chore: Automatically infer types for dashgrid connected components  (#29818)
  * Chore: Remove unused Loki and Cloudwatch syntax providers  (#29686)
  * Pass row (#29839)
  * GraphNG: Context menu (#29745)
  * GraphNG: Enable scale distribution configuration (#29684)
  * Explore: Improve Explore performance but removing unnecessary re-renders (#29752)
  * DashboardDS: Fixes display of long queries (#29808)
  * Sparkline: Fixes issue with sparkline that sent in custom fillColor instead of fillOpacity (#29825)
  * Chore: Disable default golangci-lint filter (#29751)
  * Update style guide with correct usage of MS SQL (#29829)
  * QueryEditor: do not auto refresh on every update (#29762)
  * Chore: remove unused datasource status enum (#29827)
  * Expressions: support ${my var} syntax (#29819)
  * Docs: Update types-options.md (#29777)
  * Chore: Enable more go-ruleguard rules (#29781)
  * GraphNG: Load uPlot path builders lazily (#29813)
  * Elasticsearch: ensure query model has timeField configured in datasource settings (#29807)
  * Chore: Use Header.Set method instead of Header.Add (#29804)
  * Allow dependabot to check actions (#28159)
  * Grafana-UI: Support optgroup for MultiSelect (#29805)
  * Sliders: Update behavior and style tweak (#29795)
  * Grafana-ui: Fix collapsible children sizing (#29776)
  * Style guide: Document avoidance of globals in Go code (#29803)
  * Chore: Rewrite opentsdb test to standard library (#29792)
  * CloudWatch: Add support for AWS DirectConnect ConnectionErrorCount metric (#29583)
  * GraphNG: uPlot 1.5.1 (#29789)
  * GraphNG: update uPlot v1.5.0 (#29763)
  * Added httpMethod to webhook (#29780)
  * @grafana-runtime: Throw error if health check fails in DataSourceWithBackend (#29743)
  * Explore: Fix remounting of query row (#29771)
  * Expressions: Add placeholders to hint on input (#29773)
  * Alerting: Next gen Alerting page (#28397)
  * GraphNG: Add test dashboard for null & and gaps rendering (#29769)
  * Expressions: Field names from refId (#29755)
  * Plugins: Add support for signature manifest V2 (#29240)
  * Chore: Configure go-ruleguard via golangci-lint (#28419)
  * Move middleware context handler logic to service (#29605)
  * AlertListPanel: Add options to sort by Time(asc) and Time(desc) (#29764)
  * PanelLibrary: Adds delete Api (#29741)
  * Tracing: Release trace to logs feature (#29443)
  * ReleaseNotes: Updated changelog and release notes for 7.3.5 (#29753)
  * DataSourceSettings: Add servername field to DataSource TLS config (#29279)
  * Chore: update stable and testing versions (#29748)
  * ReleaseNotes: Updated changelog and release notes for 7.3.5 (#29744)
  * Elasticsearch: View in context feature for logs (#28764)
  * Chore: Disable gosec on certain line (#29382)
  * Logging: log frontend errors caught by ErrorBoundary, including component stack (#29345)
  * ChangePassword: improved keyboard navigation (#29567)
  * GrafanaDataSource: Fix selecting -- Grafana -- data source, broken after recent changes (#29737)
  * Docs: added version note for rename by regex transformation. (#29735)
  * @grafana/ui: Fix UI issues for cascader button dropdown and query input (#29727)
  * Docs: Update configuration.md (#29728)
  * Docs: Remove survey (#29549)
  * Logging: rate limit fronted logging endpoint (#29272)
  * API: add Status() to RedirectResponse (#29722)
  * Elasticsearch: Deprecate browser access mode (#29649)
  * Elasticsearch: Fix query initialization action (#29652)
  * PanelLibrary: Adds api and db to create Library/Shared/Reusable Panel (#29642)
  * Transformer: Rename metrics based on regex (#29281)
  * Variables: Fixes upgrade of legacy Prometheus queries (#29704)
  * Auth: Add SigV4 header allowlist to reduce chances of verification issues (#29650)
  * DataFrame: add path and description metadata (#29695)
  * Alerting: Use correct time series name override from frame fields (#29693)
  * GraphNG: fix bars migration and support color and linewidth (#29697)
  * PanelHeader: Fix panel header description inline code wrapping (#29628)
  * Bugfix 29848: Remove annotation_tag entries as part of annotations cleanup (#29534)
  * GraphNG: simple settings migration from flot panel (#29599)
  * GraphNG: replace bizcharts with uPlot for sparklines (#29632)
  * GitHubActions: Update node version in github action (#29683)
  * Adds go dep used by an Enterprise feature.  (#29645)
  * Typescript: Raise strict error limit for enterprise (#29688)
  * Remove unnecessary escaping (#29677)
  * Update getting-started-prometheus.md (#29678)
  * instrumentation: align label name with our other projects (#29514)
  * Typescript: Fixing typescript strict error, and separate check from publishing (#29679)
  * CloudWatch: namespace in search expression should be quoted if match exact is enabled #29109 (#29563)
  * Docs: Plugin schema updates (#28232)
  * RadioButton: Fix flex issue in master for radio buttons (#29664)
  * Update getting-started.md (#29670)
  * Expr: fix time unit typo in ds queries (#29668)
  * Expr: make reduction nan/null more consistent (#29665)
  * Expr: fix func argument panic (#29663)
  * Update documentation-style-guide.md (#29661)
  * Update documentation-markdown-guide.md (#29659)
  * Docs: Changed image format (#29658)
  * Expr: fix failure to execute due to OrgID (#29653)
  * GraphNG: rename 'points' to 'showPoints' (#29635)
  * Expressions: Restore showing expression query editor even if main data source is not mixed (#29656)
  * GraphNG: time range should match the panel timeRange (#29596)
  * Support svg embedded favicons in whitelabeling (#29436)
  * Add changelog to docs style guide (#29581)
  * Loki: Retry web socket connection when connection is closed abnormally (#29438)
  * GraphNG: Fix annotations and exemplars plugins (#29613)
  * Chore: Rewrite tsdb sql engine test to standard library (#29590)
  * GraphNG: fix and optimize spanNulls (#29633)
  * Build(deps): Bump highlight.js from 10.4.0 to 10.4.1 (#29625)
  * Cloudwatch: session cache should use UTC consistently (#29627)
  * GraphNG: rename GraphMode to DrawStyle (#29623)
  * GraphNG: add spanNulls config option (#29512)
  * Docs: add docs for concatenate transformer (#28667)
  * Stat/Gauge: expose explicit font sizing (#29476)
  * GraphNG: add gaps/nulls support to staircase & smooth interpolation modes (#29593)
  * grafana/ui: Migrate Field knobs to controls (#29433)
  * Prometheus: Fix link to Prometheus graph in dashboard (#29543)
  * Build: Publish next and latest npm channels to Github (#29615)
  * Update broken aliases (#29603)
  * API: add ID to snapshot API responses (#29600)
  * Elasticsearch: Migrate queryeditor to React (#28033)
  * QueryGroup & DataSourceSrv & DataSourcePicker changes simplify usage, error handling and reduce duplication, support for uid (#29542)
  * Elastic: Fixes config UI issues (#29608)
  * GraphNG: Fix issues with plugins not retrieving plot instance (#29585)
  * middleware: Make scenario test functions take a testing.T argument (#29564)
  * Grafana/ui: Storybook controls understand component types (#29574)
  * Login: Fixes typo in tooltip (#29604)
  * Panel: making sure we support all versions of chrome when detecting position of click event. (#29544)
  * Chore: Rewrite sqlstore migration test to use standard library (#29589)
  * Chore: Rewrite tsdb prometheus test to standard library (#29592)
  * Security: Add gosec G304 auditing annotations (#29578)
  * Chore: Rewrite tsdb testdatasource scenarios test to standard library (#29591)
  * Docs: Add missing key to enable SigV4 for provisioning Elasticsearch data source (#29584)
  * Add Microsoft.Network/natGateways (#29479)
  * Update documentation-style-guide.md (#29586)
  * @grafana/ui: Add bell-slash to available icons (#29579)
  * Alert: Fix forwardRef warning (#29577)
  * Update documentation-style-guide.md (#29580)
  * Chore: Upgrade typescript to 4.1 (#29493)
  * PanelLibrary: Adds library_panel table (#29565)
  * Make build docker full fix (#29570)
  * Build: move canary packages to github (#29411)
  * Devenv: Add default db for influxdb (#29371)
  * Chore: Check errors from Close calls (#29562)
  * GraphNG: support auto and explicit axis width (#29553)
  * Chore: upgrading y18n to 4.0.1 for security reasons (#29523)
  * Middleware: Rewrite tests to use standard library (#29535)
  * Overrides: show category on the overrides (#29556)
  * GraphNG: Bars, Staircase, Smooth modes (#29359)
  * Docs: Fix docs sync actions (#29551)
  * Chore: Update dev guide node version for Mac (#29548)
  * Docs: Update formatting-multi-value-variables.md (#29547)
  * Arrow: toArray() on nullable values should include null values (#29520)
  * Docs: Update syntax.md (#29545)
  * NodeJS: Update to LTS (14) (#29467)
  * Docs: Update repeat-panels-or-rows.md (#29540)
  * 3 minor changes, including updating the title TOC (#29501)
  * Auth proxy: Return standard error type (#29502)
  * Data: use pre-defined output array length in vectorToArray() (#29516)
  * Dashboards: hide playlist edit functionality from viewers and snapshots link from unauthenticated users (#28992)
  * docker: use yarn to build (#29538)
  * QueryEditors: Refactoring & rewriting out dependency on PanelModel (#29419)
  * Chore: skip flaky tests (#29537)
  * Graph NG: Invalidate uPlot config on timezone changes (#29531)
  * IntelliSense: Fix autocomplete and highlighting for Loki, Prometheus, Cloudwatch (#29381)
  * Variables: Fixes Textbox current value persistence (#29481)
  * OptionsEditor: simplify the options editor interfaces (#29518)
  * Icon: Changed the icon for signing in (#29530)
  * fixes bug with invalid handler name for metrics (#29529)
  * Middleware: Simplifications (#29491)
  * GraphNG: simplify effects responsible for plot updates/initialization  (#29496)
  * Alarting: fix alarm messages in dingding (Fixes #29470) (#29482)
  * PanelEdit: making sure the correct datasource query editor is being rendered. (#29500)
  * AzureMonitor: Unit MilliSeconds naming (#29399)
  * Devenv: update mysql_tests and postgres_tests blocks for allowing dynamically change of underlying docker image (#29525)
  * Chore: Enable remaining eslint-plugin-react rules (#29519)
  * Docs/Transformations: Add documentation about Binary operations in Add field from calculation (#29511)
  * Datasources: fixed long error message overflowing container (#29440)
  * docker: fix Dockerfile after Gruntfile.js removed (#29515)
  * Chore: Adds Panel Library featuretoggle (#29521)
  * Docs: Update filter-variables-with-regex.md (#29508)
  * Docs: InfluxDB_V2 datasource: adding an example on how to add InfluxQL as a datasource (#29490)
  * Loki: Add query type and line limit to query editor in dashboard (#29356)
  * Docs: Added Security Group support to Azure Auth (#29418)
  * DataLinks: Removes getDataSourceSettingsByUid from applyFieldOverrides  (#29447)
  * Bug: trace viewer doesn't show more than 300 spans (#29377)
  * Live: publish all dashboard changes to a single channel (#29474)
  * Chore: Enable eslint-plugin-react partial rules (#29428)
  * Alerting: Update alertDef.ts with more time options (#29498)
  * DataSourceSrv: Look up data source by uid and name transparently (#29449)
  * Instrumentation: Add examplars for request histograms (#29357)
  * Variables: Fixes Constant variable persistence confusion (#29407)
  * Docs: Fix broken link for plugins (#29346)
  * Prometheus: don't override displayName property (#29441)
  * Grunt: Removes grunt dependency and replaces some of its usage (#29461)
  * Transformation: added support for excluding/including rows based on their values. (#26884)
  * Chore: Enable exhaustive linter (#29458)
  * Field overrides: added matcher to match all fields within frame/query. (#28872)
  * Log: Use os.Open to open file for reading (#29483)
  * MinMax: keep global min/main in field state (#29406)
  * ReactGridLayout: Update dependency to 1.2 (#29455)
  * Jest: Upgrade to latest (#29450)
  * Chore: bump grafana-ui rollup dependencies (#29315)
  * GraphNG: use uPlot's native ms support (#29445)
  * Alerting: Add support for Sensu Go notification channel (#28012)
  * adds tracing for all bus calls that passes ctx (#29434)
  * prometheus: Improve IsAPIError's documentation (#29432)
  * ReleaseNotes: Updated changelog and release notes for 7.3.4 (#29430)
  * Elasticsearch: Fix index pattern not working with multiple base sections (#28348)
  * Plugins: Add support for includes' icon (#29416)
  * Docs: fixing frontend docs issue where enums ending up in wrong folder level. (#29429)
  * Variables: Fixes issue with upgrading legacy queries (#29375)
  * Queries: Extract queries from dashboard (#29349)
  * Docs: docker -> Docker (#29331)
  * PanelEvents: Refactors and removes unnecessary events, fixes panel editor update issue when panel options change (#29414)
  * Fix: Correct panel edit uistate migration (#29413)
  * Alerting: Improve Prometheus Alert Rule error message (#29390)
  * Fix: Migrate Panel edit uiState percentage strings to number (#29412)
  * remove insecure cipher suit as default option (#29378)
  * * prometheus fix variables fetching when  customQueryParameters used #28907 (#28949)
  * Chore: Removes observableTester (#29369)
  * Chore: Adds e2e tests for Variables (#29341)
  * Fix gosec finding of unhandled errors (#29398)
  * Getting started with Grafana and MS SQL (#29401)
  * Arrow: cast timestams to Number (#29402)
  * Docs: Add Cloud content links (#29317)
  * PanelEditor: allow access to the eventBus from panel options (#29327)
  * GraphNG: support x != time in library (#29353)
  * removes unused golint file (#29391)
  * prefer server cipher suites (#29379)
  * Panels/DashList: Fix order of recent dashboards (#29366)
  * Core: Move SplitPane layout from PanelEdit. (#29266)
  * Drone: Upgrade build pipeline tool (#29365)
  * Update yarn.lock to use latest rc-util (#29313)
  * Variables: Adds description field  (#29332)
  * Chore: Update latest.json (#29351)
  * Drone: Upload artifacts for release branch builds (#29297)
  * Docs: fixing link issues in auto generated frontend docs. (#29326)
  * Drone: Execute artifact publishing for both editions in parallel during release (#29362)
  * Devenv: adding default credentials for influxdb (#29344)
  * Drone: Check CUE dashboard schemas (#29334)
  * Backend: fix IPv6 address parsing erroneous (#28585)
  * dashboard-schemas cue 3.0.0 compatible (#29352)
  * Update documentation-style-guide.md (#29354)
  * Docs: Update requirements.md (#29350)
  * ReleaseNotes: Updated changelog and release notes for 7.3.4 (#29347)
  * ReleaseNotes: Updated changelog and release notes for 7.3.4 (#29338)
  * Drone: Publish NPM packages after Storybook to avoid race condition (#29340)
  * Add an option to hide certain users in the UI (#28942)
  * Guardian: Rewrite tests from goconvey (#29292)
  * Docs: Fix editor role and alert notification channel description (#29301)
  * Docs: Improve custom Docker image instructions (#29263)
  * Security: Fixes minor security issue with alert notification webhooks that allowed GET & DELETE requests #29330
  * Chore: Bump storybook to v6 (#28926)
  * ReleaseNotes: Updates release notes link in package.json (master) (#29329)
  * Docs: Accurately reflecting available variables (#29302)
  * Heatmap: Fixes issue introduced by new eventbus (#29322)
  * Dashboard Schemas (#28793)
  * devenv: Add docker load test which authenticates with API key (#28905)
  * Login: Fixes redirect url encoding issues of # %23 being unencoded after login (#29299)
  * InfluxDB: update flux library and support boolean label values (#29310)
  * Explore/Logs: Update Parsed fields to Detected fields (#28881)
  * GraphNG: Init refactorings and fixes (#29275)
  * fixing a broken relref link (#29312)
  * Drone: Upgrade build pipeline tool (#29308)
  * decreasing frontend docs threshold. (#29304)
  * Docker: update docker root group docs and docker image (#29222)
  * WebhookNotifier: Convert tests away from goconvey (#29291)
  * Annotations: fixing so when changing annotations query links submenu will be updated. (#28990)
  * [graph-ng] add temporal DataFrame alignment/outerJoin & move null-asZero pass inside (#29250)
  * Dashboard: Fixes kiosk state after being redirected to login page and back (#29273)
  * make it possible to hide change password link in profile menu (#29246)
  * Theme: Add missing color type (#29265)
  * Chore: Allow reducerTester to work with every data type & payload-less actions (#29241)
  * Explore/Prometheus: Update default query type option to 'Both' (#28935)
  * Loki/Explore: Add query type selector (#28817)
  * Variables: New Variables are stored immediately (#29178)
  * reduce severity level to warning (#28939)
  * Units: Changes FLOP/s to FLOPS and some other rates per second units get /s suffix  (#28825)
  * Docs: Remove duplicate 'Transformations overview' topics from the TOC (#29247)
  * Docs: Fixed broken relrefs and chanfed TOC entry name from Alerting to Alerts. (#29251)
  * Docs: Remove duplicate Panel overview topic.  (#29248)
  * Increase search limit on team add user and improve placeholder (#29258)
  * Fix warnings for conflicting style rules (#29249)
  * Make backwards compatible (#29212)
  * Minor cosmetic markdown tweaks in docs/cloudwatch.md (#29238)
  * Getting Started: Updated index topic, removed 'what-is-grafana', and adjusted weight o… (#29216)
  * BarGauge: Fix story for BarGauge, caused knobs to show for other stories (#29232)
  * Update glossary to add hyperlinks to Explore and Transformation entries (#29217)
  * Chore: Enable errorlint linter (#29227)
  * TimeRegions: Fixed issue with time regions and tresholds due to angular js upgrade (#29229)
  * CloudWatch: Support request cancellation properly (#28865)
  * CloudMonitoring: Support request cancellation properly (#28847)
  * Chore: Handle wrapped errors (#29223)
  * Expressions: Move GEL into core as expressions (#29072)
  * Chore: remove compress:release grunt task (#29225)
  * Refactor/Explore: Inline datasource actions into initialisation (#28953)
  * Fix README typo (#29219)
  * Grafana UI: Card API refactor (#29034)
  * Plugins: Changed alertlist alert url to view instead of edit (#29060)
  * React: Upgrading react to v17, wip (#29057)
  * Gauge: Tweaks short value auto-sizing (#29197)
  * BackendSrv: support binary responseType like $http did (#29004)
  * GraphNG: update the options config (#28917)
  * Backend: Fix build (#29206)
  * Permissions: Validate against Team/User permission role update (#29101)
  * ESlint: React fixes part 1 (#29062)
  * Tests: Adds expects for observables (#28929)
  * Variables: Adds new Api that allows proper QueryEditors for Query variables (#28217)
  * Introduce eslint-plugin-react (#29053)
  * Automation: Adds GitHub release action (#29194)
  * Refactor declarative series configuration to a config builder (#29106)
  * ReleaseNotes: Updated changelog and release notes for 7.3.3 (#29189)
  * Panels: fix positioning of the header title (#29167)
  * trace user login and datasource name instead of id (#29183)
  * playlist: Improve test (#29120)
  * Drone: Fix publish-packages invocation (#29179)
  * Table: Fix incorrect condtition for rendering table filter (#29165)
  * Chore: Upgrade grafana/build-ci-deploy image to latest Go (#29171)
  * DashboardLinks: will only refresh dashboard search when changing tags for link. (#29040)
  * ReleaseNotes: Updated changelog and release notes for 7.3.3 (#29169)
  * CloudWatch: added HTTP API Gateway specific metrics and dimensions (#28780)
  * Release: Adding release notes for 7.3.3 (#29168)
  * SQL: Define primary key for tables without it (#22255)
  * changed link format from MD to HTML (#29163)
  * Backend: Rename variables for style conformance (#29097)
  * Docs: Fixes what'new menu and creates index page, adds first draft of release notes to docs (#29158)
  * Drone: Upgrade build pipeline tool and build image (#29161)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0 (#29160)
  * ReleaseNotes: Updated changelog and release notes for 7.3.3 (#29159)
  * Chore: Upgrade Go etc in build images (#29157)
  * Chore: Remove unused Go code (#28852)
  * API: Rewrite tests from goconvey (#29091)
  * Chore: Fix linting issues caught by ruleguard (#28799)
  * Fix panic when using complex dynamic URLs in app plugin routes  (#27977)
  * Snapshots: Fixes so that dashboard snapshots show data when using Stat, Gauge, BarGauge or Table panels (#29031)
  * Fix authomation text: remove hyphen (#29149)
  * respect fronted-logging.enabled flag (#29107)
  * build paths in an os independent way (#29143)
  * Provisioning: always pin app to the sidebar when enabled (#29084)
  * Automation: Adds new changelog actions (#29142)
  * Chore: Rewrite preferences test from GoConvey to stdlib and testify (#29129)
  * Chore: Upgrade Go dev tools (#29124)
  * Automation: Adding version bump action
  * DataFrames: add utility function to check if structure has changed (#29006)
  * Drone: Fix Drone config verification for enterprise on Windows (#29118)
  * Chore: Require OrgId to be specified in delete playlist command (#29117)
  * Plugin proxy: Handle URL parsing errors (#29093)
  * Drone: Verify Drone config at beginning of pipelines (#29071)
  * Legend/GraphNG: Refactoring legend types and options (#29067)
  * Doc: Update documentation-style-guide.md (#29082)
  * Chore: Bumps types for jest (#29098)
  * LogsPanel: Fix scrolling in dashboards (#28974)
  * sort alphabetically unique labels, labels and parsed fields (#29030)
  * Data source proxy: Convert 401 from data source to 400 (#28962)
  * Plugins: Implement testDatasource for Jaeger (#28916)
  * Update react-testing-library (#29061)
  * Graph: Fixes stacking issues like floating bars when data is not aligned  (#29051)
  * StatPanel: Fixes hanging issue when all values are zero (#29077)
  * Auth: Enable more complete credential chain for SigV4 default SDK auth option (#29065)
  * Chore: Convert API tests to standard Go lib (#29009)
  * Update README.md (#29075)
  * Update CODEOWNERS (#28906)
  * Enhance automation text for missing information (#29052)
  * GraphNG: Adding ticks test dashboard and improves tick spacing (#29044)
  * Chore: Migrate Dashboard List panel to React (#28607)
  * Test Datasource/Bug: Fixes division by zero in csv metric values scenario (#29029)
  * Plugins: Bring back coreplugin package (#29064)
  * Add 'EventBusName' dimension to CloudWatch 'AWS/Events' namespace (#28402)
  * CloudWatch: Add support for AWS/ClientVPN metrics and dimensions (#29055)
  * AlertingNG: manage and evaluate alert definitions via the API (#28377)
  * Fix linting issues (#28811)
  * Logging: Log frontend errors (#28073)
  * Fix for multi-value template variable for project selector (#29042)
  * Chore: Rewrite test helpers from GoConvey to stdlib (#28919)
  * GraphNG: Fixed axis measurements (#29036)
  * Fix links to logql docs (#29037)
  * latest 7.3.2 (#29041)
  * Elasticsearch: Add Moving Function Pipeline Aggregation (#28131)
  * changelog 7.3.2 (#29038)
  * MutableDataFrame: Remove unique field name constraint and values field index and unused/seldom used stuff  (#27573)
  * Fix prometheus docs related to query variable (#29027)
  * Explore: support ANSI colors in live logs (#28895)
  * Docs: Add documentation about log levels (#28975)
  * Dashboard: remove usage of Legacyforms (#28707)
  * Docs: Troubleshoot starting docker containers on Mac (#28754)
  * Elasticsearch: interpolate variables in Filters Bucket Aggregation (#28969)
  * Chore: Bump build pipeline version (#29023)
  * Annotations: Fixes error when trying to create annotation when dashboard is unsaved (#29013)
  * TraceViewer: Make sure it does not break when no trace is passed (#28909)
  * Thresholds: Fixes color assigned to null values (#29010)
  * Backend: Remove unused code (#28933)
  * Fix documentation (#28998)
  * Tracing: Add setting for sampling server (#29011)
  * Logs Panel: Fix inconsistent higlighting (#28971)
  * MySQL: Update README.md (#29003)
  * IntervalVariable: Fix variable tooltip (#28988)
  * StatPanels: Fixes auto min max when latest value is zero (#28982)
  * Chore: Fix SQL related Go variable naming (#28887)
  * MSSQL: Support request cancellation properly (Uses new backendSrv.fetch Observable request API) (#28809)
  * Variables: Fixes loading with a custom all value in url (#28958)
  * Backend: Adds route for well-known change password URL (#28788)
  * docs: fix repeated dashboards link (#29002)
  * LogsPanel: Don't show scroll bars when not needed (#28972)
  * Drone: Fix docs building (#28986)
  * StatPanel: Fixed center of values in edge case scenarios (#28968)
  * Update getting-started-prometheus.md (#28502)
  * Docs: fix relref (#28977)
  * Docs: Minor docs update
  * Docs: Another workflow docs update
  * Docs: Workflow minor edit
  * Docs: Another minor edit
  * Docs: Update PR workflow docs
  * Docs: Update bot docs
  * StatPanels: set default to last (#28617)
  * Tracing: log traceID in request logger (#28952)
  * start tracking usage stats for tempo (#28948)
  * Docs: Update bot docs
  * GrafanaBot: Update labels and commands and adds docs  (#28950)
  * Docs: updates for file-based menu (#28500)
  * Grot: Added command/label to close feature requests with standard message (#28937)
  * GraphNG: Restore focus option (#28946)
  * Docs: Fix links (#28945)
  * Short URL: Cleanup unvisited/stale short URLs (#28867)
  * GraphNG: Using new VizLayout, moving Legend into GraphNG and some other refactorings (#28913)
  * CloudWatch Logs: Change what we use to measure progress (#28912)
  * Chore: use jest without grunt (#28558)
  * Chore: Split Explore redux code into multiple sections (#28819)
  * TestData: Fix issue with numeric inputs in TestData query editor (#28936)
  * setting: Fix tests on Mac (#28886)
  *  Plugins signing: Fix docs urls (#28930)
  * Field color: handling color changes when switching panel types (#28875)
  * Variables: make sure that we support both old and new syntax for custom variables. (#28896)
  * CodeEditor: added support for javascript language (#28818)
  * Update CHANGELOG.md (#28928)
  * Plugins: allow override when allowing unsigned plugins (#28901)
  * Chore: Fix spelling issue (#28904)
  * Grafana-UI: LoadingPlaceholder docs (#28874)
  * Gauge: making sure threshold panel json is correct before render (#28898)
  * Chore: Rewrite test in GoConvey to stdlib and testify (#28918)
  * Update documentation-style-guide.md (#28908)
  * Adding terms to glossary (#28884)
  * Devenv: Fix Prometheus basic auth proxy (#28889)
  * API: replace SendLoginLogCommand with LoginHook (#28777)
  * Dashboards / Folders: delete related data (permissions, stars, tags, versions, annotations) when deleting a dashboard or a folder (#28826)
  * Loki: Correct grammar in DerivedFields.tsx (#28885)
  * Docs: Update list of Enterprise plugins (#28882)
  * Live: update centrifuge and the ChannelHandler api (#28843)
  * Update share-panel.md (#28880)
  * CRLF (#28822)
  * PanelHeader: show streaming indicator (and allow unsubscribe)  (#28682)
  * Docs: Plugin signing docs (#28671)
  * Chore: Fix issues reported by staticcheck; enable stylecheck linter (#28866)
  * Elasticsearch: Filter pipeline aggregations from order by options (#28620)
  * Variables: added __user.email to global variable (#28853)
  * Fix titles case and add missing punctuation marks (#28713)
  * VizLayout: Simple viz layout component for legend placement and scaling (#28820)
  * Chore: Fix staticcheck issues (#28860)
  * Chore: Fix staticcheck issues (#28854)
  * Disable selecting enterprise plugins with no license (#28758)
  * Tempo: fix test data source (#28836)
  * Prometheus: fix missing labels from value (#28842)
  * Chore: Fix issues found by staticcheck (#28802)
  * Chore: Remove dead code (#28664)
  * Units: added support to handle negative fractional numbers. (#28849)
  * Variables: Adds variables inspection (#25214)
  * Marked: Upgrade and always sanitize by default (#28796)
  * Currency: add Philippine peso currency (PHP) (#28823)
  * Alert: Remove z-index on Alert component so that it does not overlay ontop of other content (#28834)
  * increase blob column size for encrypted dashboard data (#28831)
  * Gauge: Improve font size auto sizing (#28797)
  * grafana/toolkit: allow builds with lint warnings (#28810)
  * core and grafana/toolkit: Use latest version of grafana-eslint-conifg (#28816)
  * Icon: Replace font awesome icons where possible (#28757)
  * Remove homelinks panel (#28808)
  * StatPanels: Add new calculation option for percentage difference  (#26369)
  * Dashboard: Add Datetime local (No date if today) option in panel axes' units (#28011)
  * Variables: Adds named capture groups to variable regex (#28625)
  * Panel inspect: Interpolate variables in panel inspect title (#28779)
  * grafana/toolkit: Drop console and debugger statements by default when building plugin with toolkit (#28776)
  * Variables: Fixes URL values for dependent variables (#28798)
  * Graph: Fixes event emit function error (#28795)
  * Adds storybook integrity check to drone config (#28785)
  * Live: improve broadcast semantics and avoid double posting (#28765)
  * Events: Remove unused or unnecessary events  (#28783)
  * Docs: added code comments to frontend packages. (#28784)
  * Plugin Dockerfiles: Upgrade Go, golangci-lint, gcloud SDK (#28767)
  * Dependencies: Update angularjs to 1.8.2 (#28736)
  * EventBus: Introduces new event bus with emitter backward compatible interface (#27564)
  * ColorSchemes: Add new color scheme (#28719)
  * Docs: Add NGINX example for using websockets to Loki (#27998)
  * Docs: Made usage of config/configuration consistent #19270 (#28167)
  * Cloudwatch: Fix issue with field calculation transform not working properly with Cloudwatch data (#28761)
  * grafana/toolkit: Extract CHANGELOG when building plugin (#28773)
  * Drone: Upgrade build pipeline tool (#28769)
  * devenv: Upgrade MSSQL Docker image (#28749)
  * Docs: Add docs for InfoBox component (#28705)
  * Reoeragnization. (#28760)
  * gtime: Add ParseDuration function (#28525)
  * Explore: Remove redundant decodeURI and fix urls (#28697)
  * Dashboard: fix view panel mode for Safari / iOS (#28702)
  * Provisioning: Fixed problem with getting started panel being added to custom home dashboard (#28750)
  * LoginPage: Removed auto-capitalization from the login form (#28716)
  * Plugin page: Fix dom validation warning (#28737)
  * Migration: Remove LegacyForms from dashboard folder permissions (#28564)
  * Dependencies: Remove unused dependency (#28711)
  * AlertRuleList: Add keys to alert rule items (#28735)
  * Chore: Pin nginx base image in nginx proxy Dockerfiles (#28730)
  * Drone: Upgrade build-pipeline tool (#28728)
  * TableFilters: Fixes filtering with field overrides (#28690)
  * Templating: Speeds up certain variable queries for Postgres, MySql and MSSql (#28686)
  * Fix typo in unsigned plugin warning (#28709)
  * Chore: Convert sqlstore annotation test from GoConvey to testify (#28715)
  * updates from https://github.com/grafana/grafana/pull/28679 (#28708)
  * Chore: Add some scenario tests for Explore (#28534)
  * Update latest version to 7.3.1 (#28701)
  * Changelog update - 7.3.1 (#28699)
  * Drone: Don't build on Windows for PRs (#28663)
  * Build: changing docs docker image to prevent setting up frontend devenv. (#28670)
  * Prometheus: Fix copy paste behaving as cut and paste (#28622)
  * Loki: Fix error when some queries return zero results (#28645)
  * Chore: allow higher nodejs version than 12 (#28624)
  * TextPanel: Fixes problems where text panel would show old content (#28643)
  * PanelMenu: Fixes panel submenu not being accessible for panels close to the right edge of the screen (#28666)
  * Cloudwatch: Fix duplicate metric data (#28642)
  * Add info about CSV download for Excel in What's new article (#28661)
  * Docs: Describe pipeline aggregation changes in v7.3 (#28660)
  * Plugins: Fix descendent frontend plugin signature validation (#28638)
  * Docker:  use root group in the custom Dockerfile (#28639)
  * Bump rxjs to 6.6.3 (#28657)
  * StatPanel: Fixed value being under graph and reduced likley hood for white and dark value text mixing (#28641)
  * Table: Fix image cell mode so that it works with value mappings (#28644)
  * Build: support custom build tags (#28609)
  * Plugin signing: Fix copy on signed plugin notice (#28633)
  * Dashboard: Fix navigation from one SoloPanelPage to another one (#28578)
  * CloudWatch: Improve method name, performance optimization (#28632)
  * Developer guide: Update wrt. Windows (#28559)
  * Docs: Update graph panel for tabs (#28552)
  * update latest.json (#28603)
  * Docs: data source insights (#28542)
  * Field config API: add slider editor (#28007)
  * changelog: update for 7.3.0 (#28602)
  * Update uPlot to 1.2.2 and align timestamps config with new uPLot API (#28569)
  * Live: updated the reference to use lazy loaded Monaco in code editor. (#28597)
  * Dashboard: Allow add panel for viewers_can_edit (#28570)
  * Docs: Data source provisioning and sigV4 (#28593)
  * Docs: Additional 7.3 upgrade notes (#28592)
  * CI: Add GCC to Windows Docker image (#28562)
  * CloudWatch Logs queue and websocket support (#28176)
  * Explore/Loki: Update docs and cheatsheet (#28541)
  * Grafana-UI: Add Card component (#28216)
  * AddDatasource: Improve plugin categories (#28584)
  * StatPanel: Fixes BizChart error max: yyy should not be less than min zzz (#28587)
  * docs: a few tweaks for clarity and readability (#28579)
  * API: Reducing some api docs errors (#28575)
  * Grafana-UI: ContextMenu docs (#28508)
  * Short URL: Update last seen at when visiting a short URL (#28565)
  * Fix backend build on Windows (#28557)
  * add value prop (#28561)
  * Plugin signing: UI information (#28469)
  * Use fetch API in InfluxDB data source (#28555)
  * PanelEdit: Prevent the preview pane to be resized further than window height (#28370)
  * Docs: Update generic-oauth.md (#28517)
  * GCS image uploader: Add tests (#28521)
  * Move metrics collector queries to config (#28549)
  * Plugins: Fix plugin URL paths on Windows (#28548)
  * API: add login username in SendLoginLogCommand (#28544)
  * AzureMonitor: Support decimal (as float64) type in analytics/logs (#28480)
  * Auth: Fix SigV4 request verification step for Amazon Elasticsearch Service (#28481)
  * Grafana/ui: auto focus threshold editor input (#28360)
  * Docs: SigV4 What's New and AWS Elasticsearch documentation (#28506)
  * Drone: Upgrade build pipeline tool (#28533)
  * Drone: Refactor version branch pipeline logic (#28531)
  * Drone: Upgrade build-pipeline tool (#28520)
  * Docs: Update field color scheme docs and 7.3 what's new (#28496)
  * Templating: Custom variable edit UI, change text input into textarea  (#28312) (#28322)
  * Currency: Adds Indonesian IDR currency (#28363)
  * Chore: Fix flaky sqlstore annotation test (#28527)
  * Checkbox: Fix component sample typo (#28518)
  * Image uploader: Fix uploading of images to GCS (#26493)
  * OAuth: Support Forward OAuth Identity for backend data source plugins (#27055)
  * Updated documentation style guide  (#28488)
  * Cloud Monitoring: Fix help section for aliases (#28499)
  * Docs: what's new in enterprise 7.3 (#28472)
  * Plugins: Track plugin signing errors and expose them to the frontend (#28219)
  * Elasticsearch: Fix handling of errors when testing data source (#28498)
  * Auth: Should redirect to login when anonymous enabled and URL with different org than anonymous specified  (#28158)
  * Drone: Don't build Windows installer for version branches (#28494)
  * Docs: Grafana Enterprise auditing feature (#28356)
  * Drone: Add version branch pipeline (#28490)
  * Getting Started section rehaul (#28090)
  * Docs: Add survey content (#28446)
  * Docs: Update prometheus.md (#28483)
  * Docs: Add view settings and view stats (#28155)
  * Remove entry from 7.3.0-beta2 Changelog (#28478)
  * Circle: Remove release pipeline (#28474)
  * Update latest.json (#28476)
  * Switch default version to Graphite 1.1 (#28471)
  * Plugin page: update readme icon (#28465)
  * Chore: Update changelog (#28473)
  * Explore: parse time range fix (#28467)
  * Alerting: Log alert warnings for obsolete notifiers when extracting alerts and remove spammy error (#28162)
  * Shorten url: Unification across Explore and Dashboards (#28434)
  * Explore: Support wide data frames (#28393)
  * Docs: updated cmd to build docs locally to generate docs prior to building site. (#28371)
  * Live: support real time measurements (alpha) (#28022)
  * CloudWatch/Athena - valid metrics and dimensions. (#28436)
  * Chore: Use net.JoinHostPort (#28421)
  * Chore: Upgrade grafana-eslint to latest (#28444)
  * Fix cut off icon (#28442)
  * Docs: Add shared (#28411)
  * Loki: Visually distinguish error logs for LogQL2 (#28359)
  * Database; Remove database metric feature flag and update changelog (#28438)
  * TestData: multiple arrow requests should return multiple frames (#28417)
  * Docs: Test survey code (#28437)
  * Docs: improved github action that syncs docs to website (#28277)
  * update latest.json with latest stable version (#28433)
  * 7.2.2 changelog update (#28406)
  * plugins: Don't exit on duplicate plugin (#28390)
  * API: Query database from /api/health endpoint (#28349)
  * Chore: Fix conversion of a 64-bit integer to a lower bit size type uint (#28425)
  * Prometheus: fix parsing of infinite sample values (#28287) (#28288)
  * Chore: Rewrite some tests to use testify (#28420)
  * Plugins: do not remount app plugin on nav change (#28105)
  * App Plugins: Add backend support (#28272)
  * Chore: react hooks eslint fixes in grafana-ui (#28026)
  * ci-e2e: Add Git (#28410)
  * TestData: Remove useEffect that triggeres query on component load (#28321)
  * FieldColor: Remove inverted color scheme (#28408)
  * Chore: Set timezone for tests to non utc. (#28405)
  * Chore: fix jsdoc desc and return (#28383)
  * Docs: Fixing v51 link (#28396)
  * fixes windows crlf warning (#28346)
  * Grafana/ui: pass html attributes to segment (#28316)
  * Alerting: Return proper status code when trying to create alert notification channel with duplicate name or uid (#28043)
  * OAuth: Able to skip auto login (#28357)
  * CloudWatch: Fix custom metrics (#28391)
  * Docs: Adds basic frontend data request concepts (#28253)
  * Instrumentation: Add histogram for request duration (#28364)
  * remove status label from histogram (#28387)
  * OAuth: configurable user name attribute (#28286)
  * Component/NewsPanel: Add rel='noopener' to NewsPanel links (#28379)
  * Webpack: Split out unicons and bizcharts (#28374)
  * Explore: Fix date formatting in url for trace logs link (#28381)
  * Docs: Add activate-license (#28156)
  * Instrumentation: Add counters and histograms for database queries (#28236)
  * Docs: Make tables formatting more consistent (#28164)
  * CloudWatch: Adding support for additional Amazon CloudFront metrics (#28378)
  * Add unique ids to query editor fields (#28376)
  * Plugins: Compose filesystem paths with filepath.Join (#28375)
  * Explore: Minor tweaks to exemplars marble (#28366)
  * Instrumentation: Adds environment_info metric  (#28355)
  * AzureMonitor: Fix capitalization of NetApp 'volumes' namespace (#28369)
  * ColorSchemes: Adds more color schemes and text colors that depend on the background (#28305)
  * Automation: Update backport github action trigger (#28352)
  * Dashboard links: Places drop down list so it's always visible (#28330)
  * Docs: Add missing records from grafana-ui 7.2.1 CHANGELOG (#28302)
  * Templating: Replace all '$tag' in tag values query (#28343)
  * Docs: Add docs for valuepicker (#28327)
  * Git: Create .gitattributes for windows line endings (#28340)
  * Update auth-proxy.md (#28339)
  * area/grafana/toolkit: update e2e docker image (#28335)
  * AlertingNG: remove warn/crit from eval prototype (#28334)
  * Automation: Tweaks to more info message (#28332)
  * Loki: Run instant query only when doing metric query (#28325)
  * SAML: IdP-initiated SSO docs (#28280)
  * IssueTriage: Needs more info automation and messages (#28137)
  * GraphNG: Use AxisSide enum (#28320)
  * BackendSrv: Fixes queue countdown when unsubscribe is before response (#28323)
  * Automation: Add backport github action (#28318)
  * Build(deps): Bump http-proxy from 1.18.0 to 1.18.1 (#27507)
  * Bump handlebars from 4.4.3 to 4.7.6 (#27416)
  * Bump tree-kill from 1.2.1 to 1.2.2 (#27405)
  * Loki: Base maxDataPoints limits on query type (#28298)
  * Explore: respect min_refresh_interval (#27988)
  * Drone: Use ${DRONE_TAG} in release pipelines, since it should work (#28299)
  * Graph NG: fix toggling queries and extract Graph component from graph3 panel (#28290)
  * fix: for graph size not taking up full height or width
  * should only ignore the file in the grafana mixin root folder (#28306)
  * Drone: Fix grafana-mixin linting (#28308)
  * SQLStore: Run tests as integration tests (#28265)
  * Chore: Add cloud-middleware as code owners (#28310)
  * API: Fix short URLs (#28300)
  * CloudWatch: Add EC2CapacityReservations Namespace (#28309)
  * Jaeger: timeline collapser to show icons (#28284)
  * update latest.json with latest beta version (#28293)
  * Update changelog (#28292)
  * Docs : - Added period (#28260)
  * Add monitoring mixing for Grafana (#28285)
  * Chore: Update package.json (#28291)
  * Drone: Fix enterprise release pipeline (#28289)
  * Alerting: Append appSubUrl to back button on channel form (#28282)
- Rework package Makefile & README now that Grunt is gone
- Update to version 7.3.6:
  * fixes for saml vulnerability
  * [v7.3.x] Fix: Correct panel edit uistate migration (#29413) (#29711)
  * PanelEdit: Prevent the preview pane to be resized further than window height (#28370) (#29726)
  * Fix: Migrate Panel edit uiState percentage strings to number (#29412) (#29723)
  * 'Release: Updated versions in package to 7.3.5' (#29710)
  * Chore: upgrading y18n to 4.0.1 for security reasons (#29523) (#29709)
  * Panel: making sure we support all versions of chrome when detecting position of click event. (#29544) (#29708)
  * PanelEdit: making sure the correct datasource query editor is being rendered. (#29500) (#29707)
  * [v7.3.x] Auth: Add SigV4 header allowlist to reduce chances of verification issues (#29705)
  * Alerting: Use correct time series name override from frame fields (#29693) (#29698)
  * CloudWatch: namespace in search expression should be quoted if match exact is enabled #29109 (#29563) (#29687)
  * Adds go dep used by an Enterprise feature.  (#29645) (#29690)
  * instrumentation: align label name with our other projects (#29514) (#29685)
  * Instrumentation: Add examplars for request histograms (#29357) (#29682)
  * Login: Fixes typo in tooltip (#29604) (#29606)
  * fixes bug with invalid handler name for metrics (#29529) (#29532)
  * AzureMonitor: Unit MilliSeconds naming (#29399) (#29526)
  * Alarting: fix alarm messages in dingding (Fixes #29470) (#29482) (#29527)
  * Bug: trace viewer doesn't show more than 300 spans (#29377) (#29504)
  * Prometheus: don't override displayName property (#29441) (#29488)
  * resolve conflicts (#29415)
  * Drone: Upgrade build pipeline tool (#29365) (#29368)
  * Drone: Upload artifacts for release branch builds (#29297) (#29364)
  * Drone: Execute artifact publishing for both editions in parallel during release (#29362) (#29363)
  * Drone: Publish NPM packages after Storybook to avoid race condition (#29340) (#29343)
  * Docs: Fix editor role and alert notification channel description (#29301) (#29337)
  * 'Release: Updated versions in package to 7.3.4' (#29336)
  * Security: Fixes minor security issue with alert notification webhooks that allowed GET & DELETE requests #29330 (#29335)
  * Backport of InfluxDB: update flux library and support boolean label values #29333
  * ReleaseNotes: Update link in package.json (#29328)
  * Login: Fixes redirect url encoding issues of # %23 being unencoded after login (#29299) (#29323)
  * Drone: Upgrade build pipeline tool (#29308) (#29309)
  * Annotations: fixing so when changing annotations query links submenu will be updated. (#28990) (#29285)
  * Dashboard: Fixes kiosk state after being redirected to login page and back (#29273) (#29278)
  * Increase search limit on team add user and improve placeholder (#29258) (#29261)
  * Drone: Sync with master (#29205)
  * Drone: Fix publish-packages invocation (#29179) (#29184)
  * Chore: Upgrade grafana/build-ci-deploy image to latest Go (#29171) (#29180)
  * Table: Fix incorrect condtition for rendering table filter (#29165) (#29181)
  * DashboardLinks: will only refresh dashboard search when changing tags for link. (#29040) (#29177)
  * Drone: Upgrade build pipeline tool and build image (#29161) (#29162)
  * Release: Updated versions in package to 7.3.3 (#29126)
  * git cherry-pick -x 0f3bebb38daa488e108881ce17d4f68167a834e6 (#29155)
  * Build: support custom build tags (#28609) (#29128)
  * Revert 'Graph: Fixes stacking issues like floating bars when data is not aligned  (#29051) (#29088)' (#29151)
  * Provisioning: always pin app to the sidebar when enabled (#29084) (#29146)
  * build paths in an os independent way (#29143) (#29147)
  * Chore: Upgrade Go dev tools (#29124) (#29132)
  * Automatin: set node version
  * Automation: Adding version bump action
  * Drone: Fix Drone config verification for enterprise on Windows (#29118) (#29119)
  * [v7.3.x] Drone: Verify Drone config at beginning of pipelines (#29111)
  * Test Datasource/Bug: Fixes division by zero in csv metric values scenario (#29029) (#29068)
  * [v7.3.x] StatPanel: Fixes hanging issue when all values are zero (#29087)
  * Data source proxy: Convert 401 from data source to 400 (#28962) (#29095)
  * Graph: Fixes stacking issues like floating bars when data is not aligned  (#29051) (#29088)
  * Auth: Enable more complete credential chain for SigV4 default SDK auth option (#29065) (#29086)
  * Fix for multi-value template variable for project selector (#29042) (#29054)
  * Thresholds: Fixes color assigned to null values (#29010) (#29018)
  * [v7.3.x] Chore: Bump build pipeline version (#29025)
  * Release v7.3.2 (#29024)
  * Fix conflict (#29020)
  * StatPanels: Fixes auto min max when latest value is zero (#28982) (#29007)
  * Tracing: Add setting for sampling server (#29011) (#29015)
  * Gauge: making sure threshold panel json is correct before render (#28898) (#28984)
  * Variables: make sure that we support both old and new syntax for custom variables. (#28896) (#28985)
  * Explore: Remove redundant decodeURI and fix urls (#28697) (#28963)
  * [v7.3.x] Drone: Fix docs building (#28987)
  * Alerting: Append appSubUrl to back button on channel form (#28282) (#28983)
  * Plugins: allow override when allowing unsigned plugins (#28901) (#28927)
  * CloudWatch Logs: Change what we use to measure progress (#28912) (#28964)
  * Tracing: log traceID in request logger (#28952) (#28959)
  * Panel inspect: Interpolate variables in panel inspect title (#28779) (#28801)
  * UsageStats: start tracking usage stats for tempo (#28948) (#28951)
  * Short URL: Cleanup unvisited/stale short URLs (#28867) (#28944)
  *  Plugins signing: Fix docs urls (#28930) (#28934)
  * Chore: Fix spelling issue (#28904) (#28925)
  * API: replace SendLoginLogCommand with LoginHook (#28777) (#28891)
  * Elasticsearch: Exclude pipeline aggregations from order by options (#28620) (#28873)
  * Dashboards / Folders: delete related data (permissions, stars, tags, versions, annotations) when deleting a dashboard or a folder (#28826) (#28890)
  * Disable selecting enterprise plugins with no license (#28758) (#28859)
  * Tempo: fix test data source (#28836) (#28856)
  * Prometheus: fix missing labels from value (#28842) (#28855)
  * Units: added support to handle negative fractional numbers. (#28849) (#28851)
  * increase blob column size for encrypted dashboard data (#28831) (#28832)
  * Gauge: Improve font size auto sizing (#28797) (#28828)
  * Variables: Fixes URL values for dependent variables (#28798) (#28800)
  * grafana/toolkit: Extract CHANGELOG when building plugin (#28773) (#28774)
  * Templating: Custom variable edit UI, change text input into textarea  (#28312) (#28322) (#28704)
  * Cloudwatch: Fix issue with field calculation transform not working properly with Cloudwatch data (#28761) (#28775)
  * Plugin page: Fix dom validation warning (#28737) (#28741)
  * Dashboard: fix view panel mode for Safari / iOS (#28702) (#28755)
  * Fix typo in unsigned plugin warning (#28709) (#28722)
  * TableFilters: Fixes filtering with field overrides (#28690) (#28727)
  * Templating: Speeds up certain variable queries for Postgres, MySql and MSSql (#28686) (#28726)
  * Prometheus: Fix copy paste behaving as cut and paste (#28622) (#28691)

rhnlib:

- Require missing python-backports.ssl_match_hostname on SLE 11 (bsc#1183959)

spacecmd:

- Handle SIGPIPE without user-visible Exception (bsc#1181124)

spacewalk-client-tools:

- Fallback to sysfs when reading info from python-dmidecode fails (bsc#1182603)
- Log an error when product detection failed (bsc#1182339)

supportutils-plugin-salt:

- Fix yaml.load() warnings and issues with Python versions (bsc#1178072) (bsc#1181474)
- Fix errors when collecting data for salt-minion (bsc#1131670) 

zypp-plugin-spacewalk:

- Support for 'allow vendor change' for patching/upgrading


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1233-1
Released:    Thu Apr 15 17:21:08 2021
Summary:     Security update for grafana and system-user-grafana
Type:        security
Severity:    moderate
References:  1148383,1170557,1170657,1172409,1172450,1175951,1178243,CVE-2018-18623,CVE-2019-15043,CVE-2019-19499,CVE-2020-12052,CVE-2020-12245,CVE-2020-13379,CVE-2020-24303
This update for grafana and system-user-grafana fixes the following issues:

- Updated grafana to upstream version 7.3.1
  * CVE-2019-15043: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.
    This makes it possible to run a denial of service attack against the server running Grafana
  * CVE-2020-12245: Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip (bsc#1170557)
  * CVE-2020-13379: The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue.
    This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and
    return its result to the user/client. This can be used to gain information about the network that Grafana is
    running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault (bsc#1172409)
  * CVE-2019-15043: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.
    This makes it possible to run a denial of service attack against the server running Grafana (bsc#1148383)
  * CVE-2020-12052: Grafana version below 6.7.3 is vulnerable for annotation popup XSS (bsc#1170657)
  * CVE-2020-24303: Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. (bsc#1178243)
  * CVE-2018-18623: Grafana 5.3.1 has XSS via the 'Dashboard > Text Panel' screen (bsc#1172450)
  * CVE-2019-19499: Grafana versions below or equal to 6.4.3 has an Arbitrary File Read vulnerability, which
    could be exploited by an authenticated attacker that has privileges to modify the data source configurations (bsc#1175951)

  * Please refer to this package's changelog to get a full list of all changes (including bug fixes etc.)

- Initial shipment of system-user-grafana to SES 6
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:1296-1
Released:    Wed Apr 21 14:09:28 2021
Summary:     Optional update for e2fsprogs
Type:        optional
Severity:    low
References:  1183791
This update for e2fsprogs fixes the following issues:

- Fixed an issue when building e2fsprogs (bsc#1183791)

This patch does not fix any user visible issues and is therefore optional to install.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1297-1
Released:    Wed Apr 21 14:10:10 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1178219
This update for systemd fixes the following issues:

- Improved the logs emitted by systemd-shutdown during the shutdown process, when applications cannot
  be stopped properly and would leave mount points mounted.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1407-1
Released:    Wed Apr 28 15:49:02 2021
Summary:     Recommended update for libcap
Type:        recommended
Severity:    important
References:  1184690
This update for libcap fixes the following issues:

- Add explicit dependency on 'libcap2' with version to 'libcap-progs' and 'pam_cap'. (bsc#1184690)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1412-1
Released:    Wed Apr 28 17:09:28 2021
Summary:     Security update for libnettle
Type:        security
Severity:    important
References:  1184401,CVE-2021-20305
This update for libnettle fixes the following issues:

- CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars (bsc#1184401).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1523-1
Released:    Wed May  5 18:24:20 2021
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1185408,1185409,1185410,CVE-2021-3516,CVE-2021-3517,CVE-2021-3518
This update for libxml2 fixes the following issues:

- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1527-1
Released:    Thu May  6 08:58:53 2021
Summary:     Recommended update for bash
Type:        recommended
Severity:    important
References:  1183064
This update for bash fixes the following issues:

- Fixed a segmentation fault that used to occur when bash read a history file
  that was malformed in a very specific way. (bsc#1183064)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1543-1
Released:    Fri May  7 15:16:32 2021
Summary:     Recommended update for patterns-microos
Type:        recommended
Severity:    moderate
References:  1184435
This update for patterns-microos provides the following fix:

- Require the libvirt-daemon-qemu package and include the needed dependencies in the
  product. (bsc#1184435)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1549-1
Released:    Mon May 10 13:48:00 2021
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1185417
This update for procps fixes the following issues:

- Support up to 2048 CPU as well. (bsc#1185417)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1565-1
Released:    Tue May 11 14:20:04 2021
Summary:     Recommended update for krb5
Type:        recommended
Severity:    moderate
References:  1185163
This update for krb5 fixes the following issues:

- Use '/run' instead of '/var/run' for daemon PID files. (bsc#1185163);

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:1592-1
Released:    Wed May 12 13:47:41 2021
Summary:     Optional update for sed
Type:        optional
Severity:    low
References:  1183797
This update for sed fixes the following issues:

- Fixed a building issue with glibc-2.31 (bsc#1183797).

This patch is optional to install.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1602-1
Released:    Thu May 13 16:35:19 2021
Summary:     Recommended update for libsolv, libzypp
Type:        recommended
Severity:    moderate
References:  1180851,1181874,1182936,1183628,1184997,1185239
This update for libsolv and libzypp fixes the following issues:

libsolv:

Upgrade from version 0.7.17 to version 0.7.19

- Fix rare segfault in `resolve_jobrules()` that could happen if new rules are learned.
- Fix memory leaks in error cases
- Fix error handling in `solv_xfopen_fd()`
- Fix regex code on win32
- fixed memory leak in choice rule generation
- `repo_add_conda`: add a flag to skip version 2 packages.

libzypp:

Upgrade from version 17.25.8 to version 17.25.10

- Properly handle permission denied when providing optional files. (bsc#1185239)
- Fix service detection with `cgroupv2`. (bsc#1184997)
- Add missing includes for GCC 11. (bsc#1181874)
- Fix unsafe usage of static in media verifier.
- `Solver`: Avoid segfault if no system is loaded. (bsc#1183628)
- `MediaVerifier`: Relax media set verification in case of a single not-volatile medium. (bsc#1180851)
- Do no cleanup in custom cache dirs. (bsc#1182936)
- `ZConfig`: let `pubkeyCachePath` follow `repoCachePath`.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1612-1
Released:    Fri May 14 17:09:39 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1184614
This update for openldap2 fixes the following issue:

- Provide `openldap2-contrib` to the modules SUSE Linux Enterprise Legacy 15-SP2 and 15-SP3. (bsc#1184614)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1643-1
Released:    Wed May 19 13:51:48 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    important
References:  1181443,1184358,1185562
This update for pam fixes the following issues:

- Fixed a bug, where the 'unlimited'/'-1' value was not interpreted correctly (bsc#1181443)
- Fixed a bug, where pam_access interpreted the keyword 'LOCAL' incorrectly, leading to
  an attempt to resolve it as a hostname (bsc#1184358)
- In the 32-bit compatibility package for 64-bit architectures, require 'systemd-32bit' to be also installed as it contains pam_systemd.so for 32 bit applications. (bsc#1185562)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1647-1
Released:    Wed May 19 13:59:12 2021
Summary:     Security update for lz4
Type:        security
Severity:    important
References:  1185438,CVE-2021-3520
This update for lz4 fixes the following issues:

- CVE-2021-3520: Fixed memory corruption due to an integer overflow bug caused by memmove argument (bsc#1185438).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1654-1
Released:    Wed May 19 16:43:36 2021
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1185408,1185409,1185410,1185698,CVE-2021-3516,CVE-2021-3517,CVE-2021-3518,CVE-2021-3537
This update for libxml2 fixes the following issues:

- CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698)
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1809-1
Released:    Mon May 31 16:24:59 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1177976,1183933,1186114,CVE-2021-22876,CVE-2021-22898
This update for curl fixes the following issues:

- CVE-2021-22876: Fixed an issue where the automatic referer was leaking credentials (bsc#1183933).
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
- Fix for SFTP uploads when it results in empty uploaded files (bsc#1177976).
- Allow partial chain verification (jsc#SLE-17956).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1861-1
Released:    Fri Jun  4 09:59:40 2021
Summary:     Recommended update for gcc10
Type:        recommended
Severity:    moderate
References:  1029961,1106014,1178577,1178624,1178675,1182016
This update for gcc10 fixes the following issues:

- Disable nvptx offloading for aarch64 again since it doesn't work
- Fixed a build failure issue. (bsc#1182016)
- Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577)
- Fix 32bit 'libgnat.so' link. (bsc#1178675)
- prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961)
- Build complete set of multilibs for arm-none target. (bsc#1106014)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1917-1
Released:    Wed Jun  9 14:48:05 2021
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1186015,CVE-2021-3541
This update for libxml2 fixes the following issues:

- CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms. (bsc#1186015)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1953-1
Released:    Thu Jun 10 16:18:50 2021
Summary:     Recommended update for gpg2
Type:        recommended
Severity:    moderate
References:  1161268,1172308
This update for gpg2 fixes the following issues:

- Fixed an issue where the gpg-agent's ssh-agent does not handle flags 
  in signing requests properly (bsc#1161268 and bsc#1172308).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2143-1
Released:    Wed Jun 23 16:27:04 2021
Summary:     Security update for libnettle
Type:        security
Severity:    important
References:  1187060,CVE-2021-3580
This update for libnettle fixes the following issues:

- CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext (bsc#1187060).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2157-1
Released:    Thu Jun 24 15:40:14 2021
Summary:     Security update for libgcrypt
Type:        security
Severity:    important
References:  1187212,CVE-2021-33560
This update for libgcrypt fixes the following issues:

- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2173-1
Released:    Mon Jun 28 14:59:45 2021
Summary:     Recommended update for automake
Type:        recommended
Severity:    moderate
References:  1040589,1047218,1182604,1185540,1186049
This update for automake fixes the following issues:

- Implement generated autoconf makefiles reproducible (bsc#1182604)
- Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848)
- Avoid bashisms in test-driver script. (bsc#1185540)

This update for pcre fixes the following issues:

- Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589)

This update for brp-check-suse fixes the following issues:

- Add fixes to support reproducible builds. (bsc#1186049) 


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2196-1
Released:    Tue Jun 29 09:41:39 2021
Summary:     Security update for lua53
Type:        security
Severity:    moderate
References:  1175448,1175449,CVE-2020-24370,CVE-2020-24371
This update for lua53 fixes the following issues:

Update to version 5.3.6:

- CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage (bsc#1175449)
- CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal and setlocal (bsc#1175448)
- Long brackets with a huge number of '=' overflow some internal buffer arithmetic.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2205-1
Released:    Wed Jun 30 09:17:41 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    important
References:  1187210
This update for openldap2 fixes the following issues:

- Resolve issues in the idle / connection 'TTL' timeout implementation in OpenLDAP. (bsc#1187210)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2246-1
Released:    Mon Jul  5 15:17:49 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1154935,1167471,1178561,1184761,1184967,1185046,1185331,1185807,1185958,1187292,1187400
This update for systemd fixes the following issues:

  cgroup: Parse infinity properly for memory protections. (bsc#1167471)
  cgroup: Make empty assignments reset to default. (bsc#1167471)
  cgroup: Support 0-value for memory protection directives. (bsc#1167471)
  core/cgroup: Fixed an issue with ignored parameter of 'MemorySwapMax=0'. (bsc#1154935)
  bus-unit-util: Add proper 'MemorySwapMax' serialization.
  core: Accept MemorySwapMax= properties that are scaled.
  execute: Make sure to call into PAM after initializing resource limits. (bsc#1184967)
  core: Rename 'ShutdownWatchdogSec' to 'RebootWatchdogSec'. (bsc#1185331)
  Return -EAGAIN instead of -EALREADY from unit_reload. (bsc#1185046)
  rules: Don't ignore Xen virtual interfaces anymore. (bsc#1178561)
  write_net_rules: Set execute bits. (bsc#1178561)
  udev: Rework network device renaming.
  Revert 'Revert 'udev: Network device renaming - immediately give up if the target name isn't available''
    
  mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761)
  core: fix output (logging) for mount units (#7603) (bsc#1187400)
  udev requires systemd in its %post (bsc#1185958)
  cgroup: Parse infinity properly for memory protections (bsc#1167471)
  cgroup: Make empty assignments reset to default (bsc#1167471)
  cgroup: Support 0-value for memory protection directives (bsc#1167471)
  Create /run/lock/subsys again (bsc#1187292)
  The creation of this directory was mistakenly dropped when
  'filesystem' package took the initialization of the generic paths
  over.
  Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807)
  
  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2320-1
Released:    Wed Jul 14 17:01:06 2021
Summary:     Security update for sqlite3
Type:        security
Severity:    important
References:  1157818,1158812,1158958,1158959,1158960,1159491,1159715,1159847,1159850,1160309,1160438,1160439,1164719,1172091,1172115,1172234,1172236,1172240,1173641,928700,928701,CVE-2015-3414,CVE-2015-3415,CVE-2019-19244,CVE-2019-19317,CVE-2019-19603,CVE-2019-19645,CVE-2019-19646,CVE-2019-19880,CVE-2019-19923,CVE-2019-19924,CVE-2019-19925,CVE-2019-19926,CVE-2019-19959,CVE-2019-20218,CVE-2020-13434,CVE-2020-13435,CVE-2020-13630,CVE-2020-13631,CVE-2020-13632,CVE-2020-15358,CVE-2020-9327
This update for sqlite3 fixes the following issues:

- Update to version 3.36.0
- CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener
  optimization (bsc#1173641)
- CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in
  isAuxiliaryVtabOperator (bsc#1164719)
- CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (bsc#1160439)
- CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input (bsc#1160438)
- CVE-2019-19923: improper handling  of  certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer
  dereference (bsc#1160309)
- CVE-2019-19924: improper error handling in sqlite3WindowRewrite() (bsc#1159850)
- CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive (bsc#1159847)
- CVE-2019-19926: improper handling  of certain errors during parsing  multiSelect in select.c (bsc#1159715)
- CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference
  (bsc#1159491)
- CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with
  a shadow table name (bsc#1158960)
- CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated
  columns (bsc#1158959)
- CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views
  in conjunction with ALTER TABLE statements (bsc#1158958)
- CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column,
  which allows attackers to cause a denial of service (bsc#1158812)
- CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a
  sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage (bsc#1157818)
- CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability (bsc#928701)
- CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names (bsc#928700)
- CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)
- CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow
- CVE-2020-13631: virtual table allowed to be renamed to one of its shadow tables (bsc#1172236)
- CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query (bsc#1172240)
- CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2404-1
Released:    Tue Jul 20 14:21:30 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1184994,1188063,CVE-2021-33910
This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)
- Skip udev rules if 'elevator=' is used (bsc#1184994)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2440-1
Released:    Wed Jul 21 13:48:24 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925
This update for curl fixes the following issues:

- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2660-1
Released:    Thu Aug 12 12:01:22 2021
Summary:     Security update for grafana
Type:        security
Severity:    important
References:  1183803,1183809,1183811,1183813,1184371,CVE-2021-27358,CVE-2021-27962,CVE-2021-28146,CVE-2021-28147,CVE-2021-28148
This update for grafana fixes the following issues:

- CVE-2021-27358: unauthenticated remote attackers to trigger a Denial of Service via a remote API call (bsc#1183803)
- Update to version 7.5.7:
  * Updated relref to 'Configuring exemplars' section (#34240) (#34243)
  * Added exemplar topic (#34147) (#34226)
  * Quota: Do not count folders towards dashboard quota (#32519) (#34025)
  * Instructions to separate emails with semicolons (#32499) (#34138)
  * Docs: Remove documentation of v8 generic OAuth feature (#34018)
  * Annotations: Prevent orphaned annotation tags cleanup when no annotations were cleaned (#33957) (#33975)
  * [GH-33898] Add missing --no-cache to Dockerfile. (#33906) (#33935)
  * ReleaseNotes: Updated changelog and release notes for 7.5.6 (#33932) (#33936)
  * Stop hoisting @icons/material (#33922)
  * Chore: fix react-color version in yarn.lock (#33914)
  * 'Release: Updated versions in package to 7.5.6' (#33909)
  * Loki: fix label browser crashing when + typed (#33900) (#33901)
  * Document `hide_version` flag (#33670) (#33881)
  * Add isolation level db configuration parameter (#33830) (#33878)
  * Sanitize PromLink button (#33874) (#33876)
  * Removed content as per MarcusE's suggestion in https://github.com/grafana/grafana/issues/33822. (#33870) (#33872)
  * Docs feedback: /administration/provisioning.md (#33804) (#33842)
  * Docs: delete from high availability docs references to removed configurations related to session storage (#33827) (#33851)
  * Docs: Update _index.md (#33797) (#33799)
  * Docs: Update installation.md (#33656) (#33703)
  * GraphNG: uPlot 1.6.9 (#33598) (#33612)
  * dont consider invalid email address a failed email (#33671) (#33681)
  * InfluxDB: Improve measurement-autocomplete behavior in query editor (#33494) (#33625)
  * add template for dashboard url parameters  (#33549) (#33588)
  * Add note to Snapshot API doc to specify that user has to provide the entire dashboard model  (#33572) (#33586)
  * Update team.md (#33454) (#33536)
  * Removed duplicate file 'dashboard_folder_permissions.md (#33497)
  * Document customQueryParameters for prometheus datasource provisioning (#33440) (#33495)
  * ReleaseNotes: Updated changelog and release notes for 7.5.5 (#33473) (#33492)
  * Documentation: Update developer-guide.md (#33478) (#33490)
  * add closed parenthesis to fix a hyperlink (#33471) (#33481)

- Update to version 7.5.5:
  * 'Release: Updated versions in package to 7.5.5' (#33469)
  * GraphNG: Fix exemplars window position (#33427) (#33462)
  * Remove field limitation from slack notification (#33113) (#33455)
  * Prometheus: Support POST in template variables (#33321) (#33441)
  * Instrumentation: Add success rate metrics for email notifications (#33359) (#33409)
  * Use either moment objects (for absolute times in the datepicker) or string (for relative time) (#33315) (#33406)
  * Docs: Removed type from find annotations example. (#33399) (#33403)
  * [v7.5.x]: FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus (#33255)
  * Updated label for add panel. (#33285) (#33286)
  * Bug: Add git to Dockerfile.ubuntu (#33247) (#33248)
  * Docs: Sync latest master docs with 7.5.x (#33156)
  * Docs: Update getting-started-influxdb.md (#33234) (#33241)
  * Doc: Document the X-Grafana-Org-Id HTTP header (#32478) (#33239)
  * Minor Changes in Auditing.md (#31435) (#33238)
  * Docs: Add license check endpoint doc (#32987) (#33236)
  * Postgres: Fix time group macro when TimescaleDB is enabled and interval is less than a second (#33153) (#33219)
  * Docs: InfluxDB doc improvements (#32815) (#33185)
  * [v7.5.x] Loki: Pass Skip TLS Verify setting to alert queries (#33031)
  * update cla (#33181)
  * Fix inefficient regular expression (#33155) (#33159)
  * Auth: Don't clear auth token cookie when lookup token fails (#32999) (#33136)
  * Elasticsearch:  Add documentation for supported Elasticsearch query transformations (#33072) (#33128)
  * Update team.md (#33060) (#33084)
  * GE issue 1268 (#33049) (#33081)
  * Fixed some formatting issues for PRs from yesterday. (#33078) (#33079)
  * Explore: Load default data source in Explore when the provided source does not exist (#32992) (#33061)
  * Docs: Replace next with latest in aliases (#33054) (#33059)
  * Added missing link item. (#33052) (#33055)
  * Backport 33034 (#33038)
  * Docs: Backport 32916 to v7.5x  (#33008)
  * ReleaseNotes: Updated changelog and release notes for 7.5.4 (#32973) (#32998)
  * Elasticsearch: Force re-rendering of each editor row type change (#32993) (#32996)
  * Docs: Sync release branch with latest docs (#32986)

- Update to version 7.5.4:
  * 'Release: Updated versions in package to 7.5.4' (#32971)
  * fix(datasource_srv): prevent infinite loop where default datasource is named default (#32949) (#32967)
  * Added Azure Monitor support for Microsoft.AppConfiguration/configurationStores namespace (#32123) (#32968)
  * fix sqlite3 tx retry condition operator precedence (#32897) (#32952)
  * AzureMonitor: Add support for Virtual WAN namespaces (#32935) (#32947)
  * Plugins: Allow a non-dashboard page to be the default home page (#32926) (#32945)
  * GraphNG: uPlot 1.6.8 (#32859) (#32863)
  * Alerting: Add ability to include aliases with dashes (/) and at (@) signs in InfluxDB (#32844)
  * Prometheus: Allow exemplars endpoint in data source proxy (#32802) (#32804)
  * [v7.5.x] Table: Fixes table data links so they refer to correct row after sorting (#32758)
  * TablePanel: Makes sorting case-insensitive (#32435) (#32752)

- Update to version 7.5.3:
  * 'Release: Updated versions in package to 7.5.3' (#32745)
  * FolderPicker: Prevent dropdown menu from disappearing off screen (#32603) (#32741)
  * Loki: Remove empty annotations tags (#32359) (#32490)
  * SingleStat: fix wrong call to getDataLinkUIModel (#32721) (#32739)
  * Prometheus: Fix instant query to run two times when exemplars enabled (#32508) (#32726)
  * Elasticsearch: Fix bucket script variable duplication in UI (#32705) (#32714)
  * Variables: Confirms selection before opening new picker (#32586) (#32710)
  * CloudWarch: Fix service quotas link (#32686) (#32689)
  * Configuration: Prevent browser hanging / crashing with large number of org users (#32546) (#32598)
  * chore: bump execa to v2.1.0 (#32543) (#32592)
  * Explore: Fix bug where navigating to explore would result in wrong query and datasource to be shown (#32558)
  * Fix broken gtime tests (#32582) (#32587)
  * resolve conflicts (#32567)
  * gtime: Make ParseInterval deterministic (#32539) (#32560)
  * Dashboard: No longer includes default datasource when externally exporting dashboard with row (#32494) (#32535)
  * TextboxVariable: Limits the length of the preview value (#32472) (#32530)
  * AdHocVariable: Adds default data source (#32470) (#32476)
  * Variables: Fixes Unsupported data format error for null values (#32480) (#32487)
  * Prometheus: align exemplars check to latest api change (#32513) (#32515)
  * 'Release: Updated versions in package to 7.5.2' (#32502)
  * SigV4: Add support EC2 IAM role auth and possibility to toggle auth providers  (#32444) (#32488)
  * Set spanNulls to default (#32471) (#32486)
  * Graph: Fix setting right y-axis when standard option unit is configured (#32426) (#32442)
  * API: Return 409 on datasource version conflict (#32425) (#32433)
  * API: Return 400 on invalid Annotation requests (#32429) (#32431)
  * Variables: Fixes problem with data source variable when default ds is selected (#32384) (#32424)
  * Table: Fixes so links work for image cells (#32370) (#32410)
  * Variables: Fixes error when manually non-matching entering custom value in variable input/picker (#32390) (#32394)
  * DashboardQueryEditor: Run query after selecting source panel (#32383) (#32395)
  * API: Datasource endpoint should return 400 bad request if id and orgId is invalid (#32392) (#32397)
  * 'Release: Updated versions in package to 7.5.1' (#32362)
  * MSSQL: Upgrade go-mssqldb (#32347) (#32361)
  * GraphNG: Fix tooltip displaying wrong or no data (#32312) (#32348)
  * 'Release: Updated versions in package to 7.5.0' (#32308)
  * Loki: Fix text search in Label browser (#32293) (#32306)
  * Explore: Show all dataFrames in data tab in Inspector (#32161) (#32299)
  * PieChartV2: Add migration from old piechart (#32259) (#32291)
  * LibraryPanels: Adds Type and Description to DB (#32258) (#32288)
  * LibraryPanels: Prevents deletion of connected library panels (#32277) (#32284)
  * Library Panels: Add 'Discard' button to panel save modal (#31647) (#32281)
  * LibraryPanels: Changes to non readonly reducer (#32193) (#32200)
  * Notifications: InfluxDB - Fix regex to include metrics with hyphen in aliases (#32224) (#32262)
  * SSE/InfluxDB: Change InfluxQL to work with server side expressions (#31691) (#32102)
  * DashboardSettings: Fixes issue with tags list not updating when changes are made (#32241) (#32247)
  * Logs: If log message missing, use empty string (#32080) (#32243)
  * CloudWatch: Use latest version of aws sdk (#32217) (#32223)
  * Release: Updated versions in package to 7.5.0-beta.2 (#32158)
  * HttpServer: Make read timeout configurable but disabled by default (#31575) (#32154)
  * GraphNG: Ignore string fields when building data for uPlot in GraphNG (#32150) (#32151)
  * Fix loading timezone info on windows (#32029) (#32149)
  * SQLStore: Close session in withDbSession (#31775) (#32108)
  * Remove datalink template suggestions for accessing specific fields when there are multiple dataframes. (#32057) (#32148)
  * GraphNG: make sure dataset and config are in sync when initializing and re-initializing uPlot (#32106) (#32125)
  * MixedDataSource: Name is updated when data source variable changes (#32090) (#32144)
  * Backport 32005 to v7.5.x #32128 (#32130)
  * Loki: Label browser UI updates (#31737) (#32119)
  * ValueMappings: Fixes value 0 not being mapped (#31924) (#31929)
  * GraphNG: Fix tooltip series color for multi data frame scenario (#32098) (#32103)
  * LibraryPanels: Improves the Get All experience (#32028) (#32093)
  * Grafana/ui: display all selected levels for selected value when searching (#32030) (#32032)
  * Exemplars: always query exemplars (#31673) (#32024)
  * [v7.5.x] TimePicker: Fixes hidden time picker shown in kiosk TV mode (#32055)
  * Chore: Collect elasticsearch version usage stats (#31787) (#32063)
  * Chore: Tidy up Go deps (#32053)
  * GraphNG: Fix PlotLegend field display name being outdated (#32064) (#32066)
  * Data proxy: Fix encoded characters in URL path should be proxied encoded (#30597) (#32060)
  * [v7.5.x] Auth: Allow soft token revocation (#32037)
  * Snapshots: Fix usage of sign in link from the snapshot page (#31986) (#32036)
  * Make master green (#32011) (#32015)
  * Query editor: avoid avoiding word wrap on query editor components (#31949) (#31982)
  * Variables: Fixes filtering in picker with null items (#31979) (#31995)
  * TooltipContainer - use resize observer instead of getClientBoundingRect (#31937) (#32003)
  * Loki: Fix autocomplete when re-editing Loki label values (#31828) (#31987)
  * Loki: Fix type errors in language_provider (#31902) (#31945)
  * PanelInspect: Interpolates variables in CSV file name (#31936) (#31977)
  * Cloudwatch: use shared library for aws auth (#29550) (#31946)
  * Tooltip: partial perf improvement (#31774) (#31837) (#31957)
  * Backport 31913 to v7.5.x (#31955)
  * Grafana/ui: fix searchable options for Cascader with options update (#31906) (#31938)
  * Variables: Do not reset description on variable type change (#31933) (#31939)
  * [v7.5.x] AnnotationList: Adds spacing to UI  (#31888) (#31894)
  * Elasticseach: Support histogram fields (#29079) (#31914)
  * Chore: upgrade eslint and fork-ts-checker-webpack-plugin (#31854) (#31896)
  * Update scripts and Dockerfiles to use Go 1.16.1 (#31881) (#31891)
  * Templating: use dashboard timerange when variables are set to refresh 'On Dashboard Load' (#31721) (#31801)
  * [v7.5.x] Tempo: Add test for backend data source (#31835) (#31882)
  * Run go mod tidy to update go.mod and go.sum (#31859)
  * Grafana/ui: display all selected levels for Cascader (#31729) (#31862)
  * CloudWatch: Consume the grafana/aws-sdk (#31807) (#31861)
  * Cloudwatch: ListMetrics API page limit (#31788) (#31851)
  * Remove invalid attribute (#31848) (#31850)
  * CloudWatch: Restrict auth provider and assume role usage according to… (#31845)
  * CloudWatch: Add support for EC2 IAM role (#31804) (#31841)
  * Loki, Prometheus: Change the placement for query type explanation (#31784) (#31819)
  * Variables: Improves inspection performance and unknown filtering (#31811) (#31813)
  * Change piechart plugin state to beta (#31797) (#31798)
  * ReduceTransform: Include series with numeric string  names (#31763) (#31794)
  * Annotations: Make the annotation clean up batch size configurable (#31487) (#31769)
  * Fix escaping in ANSI and dynamic button removal (#31731) (#31767)
  * DataLinks: Bring back single click links for Stat, Gauge and BarGauge panel (#31692) (#31718)
  * log skipped, performed and duration for migrations (#31722) (#31754)
  * Search: Make items more compact (#31734) (#31750)
  * loki_datasource: add documentation to label_format and line_format (#31710) (#31746)
  * Tempo: Convert tempo to backend data source2 (#31733)
  * Elasticsearch: Fix script fields in query editor (#31681) (#31727)
  * Elasticsearch: revert to isoWeek when resolving weekly indices (#31709) (#31717)
  * Admin: Keeps expired api keys visible in table after delete (#31636) (#31675)
  * Tempo: set authentication header properly (#31699) (#31701)
  * Tempo: convert to backend data source (#31618) (#31695)
  * Update package.json (#31672)
  * Release: Bump version to 7.5.0-beta.1 (#31664)
  * Fix whatsNewUrl version to 7.5 (#31666)
  * Chore: add alias for what's new 7.5 (#31669)
  * Docs: Update doc for PostgreSQL authentication (#31434)
  * Docs: document report template variables (#31637)
  * AzureMonitor: Add deprecation message for App Insights/Insights Analytics (#30633)
  * Color: Fixes issue where colors where reset to gray when switch panels (#31611)
  * Live: Use pure WebSocket transport (#31630)
  * Docs: Fix broken image link (#31661)
  * Docs: Add Whats new in 7.5 (#31659)
  * Docs: Fix links for 7.5 (#31658)
  * Update enterprise-configuration.md (#31656)
  * Explore/Logs: Escaping of incorrectly escaped log lines (#31352)
  * Tracing: Small improvements to trace types (#31646)
  * Update _index.md (#31645)
  * AlertingNG: code refactoring (#30787)
  * Remove pkill gpg-agent (#31169)
  * Remove format for plugin routes (#31633)
  * Library Panels: Change unsaved change detection logic (#31477)
  * CloudWatch: Added AWS Timestream Metrics and Dimensions (#31624)
  * add new metrics and dimensions (#31595)
  * fix devenv dashboard content typo (#31583)
  * DashList: Sort starred and searched dashboard alphabetically (#31605)
  * Docs: Update whats-new-in-v7-4.md (#31612)
  * SSE: Add 'Classic Condition' on backend (#31511)
  * InfluxDB: Improve maxDataPoints error-message in Flux-mode, raise limits (#31259)
  * Alerting: PagerDuty: adding current state to the payload (#29270)
  * devenv: Fix typo (#31589)
  * Loki: Label browser (#30351)
  * LibraryPanels: No save modal when user is on same dashboard (#31606)
  * Bug: adding resolution for `react-use-measure` to prevent plugin tests from failing. (#31603)
  * Update node-graph.md (#31571)
  * test: pass Cypress options objects into selector wrappers (#31567)
  * Loki: Add support for alerting (#31424)
  * Tracing: Specify type of the data frame that is expected for TraceView (#31465)
  * LibraryPanels: Adds version column (#31590)
  * PieChart: Add color changing options to pie chart (#31588)
  * Explore: keep enabled/disabled state in angular based QueryEditors correctly (#31558)
  * Bring back correct legend sizing afer PlotLegend refactor (#31582)
  * Alerting: Fix bug in Discord for when name for metric value is absent (#31257)
  * LibraryPanels: Deletes library panels during folder deletion (#31572)
  * chore: bump lodash to 4.17.21 (#31549)
  * Elasticsearch: Fix impossibility to perform non-logs queries after importing queries from loki or prometheus in explore (#31518)
  * TestData: Fixes never ending annotations scenario (#31573)
  * CloudWatch: Added AWS Network Firewall metrics and dimensions (#31498)
  * propagate plugin unavailable message to UI (#31560)
  * ConfirmButton: updates story from knobs to controls (#31476)
  * Loki: Refactor line limit to use grafana/ui component (#31509)
  * LibraryPanels: Adds folder checks and permissions (#31473)
  * Add guide on custom option editors (#31254)
  * PieChart: Update text color and minor changes (#31546)
  * Grafana-data: bump markedjs to v2.x to resolve vulnerability (#31036)
  * Chore(deps): Bump google.golang.org/api from 0.39.0 to 0.40.0 (#31210)
  * PieChart: Improve piechart legend and options (#31446)
  * Chore(deps): Bump google.golang.org/grpc from 1.35.0 to 1.36.0 (#31541)
  * Chore(deps): Bump github.com/aws/aws-sdk-go from 1.37.7 to 1.37.20 (#31538)
  * Chore(deps): Bump github.com/prometheus/common from 0.17.0 to 0.18.0 (#31539)
  * Add multiselect options ui (#31501)
  * Profile: Fixes profile preferences being accessible when anonymous access was enabled (#31516)
  * Variables: Fixes error with: cannot read property length of undefined (#31458)
  * Explore: Show ANSI colored logs in logs context (#31510)
  * LogsPanel: Show all received logs  (#31505)
  * AddPanel: Design polish  (#31484)
  * TimeSeriesPanel: Remove unnecessary margin from legend  (#31467)
  * influxdb: flux: handle is-hidden (#31324)
  * Graph: Fix tooltip not showing when close to the edge of viewport  (#31493)
  * FolderPicker: Remove useNewForms from FolderPicker (#31485)
  * Add reportVariables feature toggle (#31469)
  * Grafana datasource: support multiple targets (#31495)
  * Update license-restrictions.md (#31488)
  * Docs: Derived fields links in logs detail view (#31482)
  * Docs: Add new data source links to Enterprise page (#31480)
  * Convert annotations to dataframes (#31400)
  * ReleaseNotes: Updated changelog and release notes for v7.4.2 (#31475)
  * GrafanaUI: Fixes typescript error for missing css prop (#31479)
  * Login: handle custom token creation error messages (#31283)
  * Library Panels: Don't list current panel in available panels list (#31472)
  * DashboardSettings: Migrate Link Settings to React (#31150)
  * Frontend changes for library panels feature (#30653)
  * Alerting notifier SensuGo: improvements in default message (#31428)
  * AppPlugins: Options to disable showing config page in nav (#31354)
  * add aws config (#31464)
  * Heatmap: Fix missing/wrong value in heatmap legend (#31430)
  * Chore: Fixes small typos (#31461)
  * Graphite/SSE: update graphite to work with server side expressions (#31455)
  * update the lastest version to 7.4.3 (#31457)
  * ReleaseNotes: Updated changelog and release notes for 7.4.3 (#31454)
  * AWS: Add aws plugin configuration (#31312)
  * Revert ''Release: Updated versions in package to 7.4.3' (#31444)' (#31452)
  * Remove UserSyncInfo.tsx (#31450)
  * Elasticsearch: Add word highlighting to search results (#30293)
  * Chore: Fix eslint react hook warnings in grafana-ui (#31092)
  * CloudWatch: Make it possible to specify custom api endpoint (#31402)
  * Chore: fixed incorrect naming for disable settings (#31448)
  * TraceViewer: Fix show log marker in spanbar (#30742)
  * LibraryPanels: Adds permissions to getAllHandler (#31416)
  * NamedColorsPalette: updates story from knobs to controls (#31443)
  * 'Release: Updated versions in package to 7.4.3' (#31444)
  * ColorPicker: updates story from knobs to controls (#31429)
  * Streaming: Fixes an issue with time series panel and streaming data source when scrolling back from being out of view (#31431)
  * ClipboardButton: updates story from knobs to controls (#31422)
  * we should never log unhashed tokens (#31432)
  * CI: Upgrade Dockerfiles wrt. Go, Node, Debian (#31407)
  * Elasticsearch: Fix query initialization logic & query transformation from Promethous/Loki (#31322)
  * Postgres: allow providing TLS/SSL certificates as text in addition to file paths (#30353)
  * CloudWatch: Added AWS Ground Station metrics and dimensions (#31362)
  * TraceViewer: Fix trace to logs icon to show in right pane (#31414)
  * add hg team as migrations code owners (#31420)
  * Remove tidy-check script (#31423)
  * InfluxDB: handle columns named 'table' (#30985)
  * Prometheus: Use configured HTTP method for /series and /labels endpoints (#31401)
  * Devenv: Add gdev-influxdb2 data source (#31250)
  * Update grabpl from 0.5.38 to 0.5.42 version (#31419)
  * Move NOOP_CONTROL to storybook utils and change to a standalone file (#31421)
  * remove squadcast details from docs (#31413)
  * Add new Cloudwatch AWS/DDoSProtection metrics and dimensions (#31297)
  * Logging: add frontend logging helpers to @grafana/runtime package (#30482)
  * CallToActionCard: updates story from knobs to controls (#31393)
  * Add eu-south-1 cloudwatch region, closes #31197 (#31198)
  * Chore: Upgrade eslint packages (#31408)
  * Cascader: updates story from knobs to controls (#31399)
  * addressed issues 28763 and 30314. (#31404)
  * Added section Query a time series database by id (#31337)
  * Prometheus: Change default httpMethod for new instances to POST (#31292)
  * Data source list: Use Card component (#31326)
  * Chore: Remove gotest.tools dependency (#31391)
  * Revert 'StoryBook: Introduces Grafana Controls (#31351)' (#31388)
  * Chore(deps): Bump github.com/prometheus/common from 0.15.0 to 0.17.0 (#31387)
  * AdHocVariables: Fixes crash when values are stored as numbers (#31382)
  * Chore(deps): Bump github.com/golang/mock from 1.4.4 to 1.5.0 (#31379)
  * Chore: Fix strict errors, down to 416 (#31365)
  * Chore(deps): Bump github.com/getsentry/sentry-go from 0.9.0 to 0.10.0 (#31378)
  * StoryBook: Introduces Grafana Controls (#31351)
  * ReleaseNotes: Updated changelog and release notes for 7.4.2 (#31313)
  * Theming: Support for runtime theme switching and hooks for custom themes (#31301)
  * Devenv: Remove old-versioned loki blocks and update prometheus2 block  (#31282)
  * Zipkin: Show success on test data source (#30829)
  * Update grot template (needs more info) (#31350)
  * DatasourceSrv: Fix instance retrieval when datasource variable value set to 'default' (#31347)
  * TimeSeriesPanel: Fixes overlapping time axis ticks (#31332)
  * Grafana/UI: Add basic legend to the PieChart (#31278)
  * SAML: single logout only enabled in enterprise (#31325)
  * QueryEditor: handle query.hide changes in angular based query-editors (#31336)
  * DashboardLinks: Fixes another issue where dashboard links cause full page reload (#31334)
  * LibraryPanels: Syncs panel title with name (#31311)
  * Chore: Upgrade golangci-lint (#31330)
  * Add info to docs about concurrent session limits (#31333)
  * Table: Fixes issue with fixed min and auto max with bar gauge cell (#31316)
  * BarGuage: updates story from knobs to controls (#31223)
  * Docs: Clarifies how to add Key/Value pairs (#31303)
  * Usagestats: Exclude folders from total dashboard count (#31320)
  * ButtonCascader: updates story from knobs to controls (#31288)
  * test: allow check for Table as well as Graph for Explore e2e flow (#31290)
  * Grafana-UI: Update tooltip type (#31310)
  * fix 7.4.2 release note (#31299)
  * Add `--tries 3` arg when triggering e2e-tests upon releasing (#31285)
  * Chore: reduce strict errors for variables (#31241)
  * update latest release version (#31296)
  * ReleaseNotes: Updated changelog and release notes for 7.4.2 (#31291)
  * Correct name of Discord notifier tests (#31277)
  * Docs: Clarifies custom date formats for variables (#31271)
  * BigValue: updates story from knobs to controls (#31240)
  * Docs: Annotations update (#31194)
  * Introduce functions for interacting with library panels API (#30993)
  * Search: display sort metadata (#31167)
  * Folders: Editors should be able to edit name and delete folders (#31242)
  * Make Datetime local (No date if today) working (#31274)
  * UsageStats: Purpose named variables (#31264)
  * Snapshots: Disallow anonymous user to create snapshots (#31263)
  * only update usagestats every 30min (#31131)
  * Chore: grafana-toolkit uses grafana-ui and grafana-data workspaces (#30701)
  * Grafana-UI: Add id to Select to make it easier to test (#31230)
  * Prometheus: Fix enabling of disabled queries when editing in dashboard (#31055)
  * UI/Card: Fix handling of 'onClick' callback (#31225)
  * Loki: Add line limit for annotations (#31183)
  * Remove deprecated and breaking loki config field (#31227)
  * SqlDataSources: Fixes the Show Generated SQL button in query editors (#31236)
  * LibraryPanels: Disconnect before connect during dashboard save (#31235)
  * Disable Change Password for OAuth users (#27886)
  * TagsInput: Design update and component refactor (#31163)
  * Variables: Adds back default option for data source variable (#31208)
  * IPv6: Support host address configured with enclosing square brackets (#31226)
  * Postgres: Fix timeGroup macro converts long intervals to invalid numbers when TimescaleDB is enabled (#31179)
  * GraphNG: refactor core to class component (#30941)
  * Remove last synchronisation field from LDAP debug view (#30984)
  * Chore: Upgrade grafana-plugin-sdk-go to v0.88.0 (#30975)
  * Graph: Make axes unit option work even when field option unit is set (#31205)
  * AlertingNG:  Test definition  (#30886)
  * Docs: Update Influx config options (#31146)
  * WIP: Skip this call when we skip migrations (#31216)
  * use 0.1.0 (#31215)
  * DataSourceSrv: Filter out non queryable data sources by default (#31144)
  * QueryEditors: Fixes issue that happens after moving queries then editing would update other queries (#31193)
  * Chore: report eslint no-explicit-any errors to metrics (#31182)
  * Chore(deps): Bump cloud.google.com/go/storage from 1.12.0 to 1.13.0 (#31211)
  * Chore(deps): Bump xorm.io/xorm from 0.8.1 to 0.8.2 (#30773)
  * Alerting: Fix modal text for deleting obsolete notifier (#31171)
  * Chore(deps): Bump github.com/linkedin/goavro/v2 from 2.9.7 to 2.10.0 (#31204)
  * Variables: Fixes missing empty elements from regex filters (#31156)
  * StatPanels: Fixes to palette color scheme is not cleared when loading panel (#31126)
  * Fixed the typo. (#31189)
  * Docs: Rewrite preferences docs (#31154)
  * Explore/Refactor: Simplify URL handling (#29173)
  * DashboardLinks: Fixes links always cause full page reload (#31178)
  * Replace PR with Commit truncated hash when build fails (#31177)
  * Alert: update story to use controls (#31145)
  * Permissions: Fix team and role permissions on folders/dashboards not displayed for non Grafana Admin users (#31132)
  * CloudWatch: Ensure empty query row errors are not passed to the panel (#31172)
  * Update prometheus.md (#31173)
  * Variables: Extend option pickers to accept custom onChange callback (#30913)
  * Prometheus: Multiply exemplars timestamp to follow api change (#31143)
  * DashboardListPanel: Fixes issue with folder picker always showing All and using old form styles (#31160)
  * Add author name and pr number in drone pipeline notifications (#31124)
  * Prometheus: Add documentation for ad-hoc filters (#31122)
  * DataSourceSettings: Fixes add header button, it should not trigger a save & test action (#31135)
  * Alerting: Fix so that sending an alert with the Alertmanager notifier doesn't fail when one of multiple configured URL's are down (#31079)
  * Chore: Update latest.json (#31139)
  * Docs: add 7.4.1 relese notes link (#31137)
  * PieChart: Progress on new core pie chart  (#28020)
  * ReleaseNotes: Updated changelog and release notes for 7.4.1 (#31133)
  * Eslint: no-duplicate-imports rule (bump grafana-eslint-config) (#30989)
  * Transforms: Fixes Outer join issue with duplicate field names not getting the same unique field names as before  (#31121)
  * MuxWriter: Handle error for already closed file (#31119)
  * Logging: sourcemap transform asset urls from CDN in logged stacktraces (#31115)
  * Search: add sort information in dashboard results (#30609)
  * area/grafana/e2e: ginstall should pull version specified (#31056)
  * Exemplars: Change CTA style (#30880)
  * Influx: Make max series limit configurable and show the limiting message if applied (#31025)
  * Docs: request security (#30937)
  * update configurePanel for 7.4.0 changes (#31093)
  * Elasticsearch: fix log row context erroring out (#31088)
  * Prometheus: Fix issues with ad-hoc filters (#30931)
  * LogsPanel: Add deduplication option for logs (#31019)
  * Drone: Make sure CDN upload is ok before pushing docker images (#31075)
  * PluginManager: Remove some global state (#31081)
  * test: update addDashboard flow for v7.4.0 changes (#31059)
  * Transformations: Fixed typo in FilterByValue transformer description. (#31078)
  * Docs: Group id should be 0 instead of 1 in Docker upgrade notes (#31074)
  * Usage stats: Adds source/distributor setting (#31039)
  * CDN: Add CDN upload step to enterprise and release pipelines (#31058)
  * Chore: Replace native select with grafana ui select  (#31030)
  * Docs: Update json-model.md (#31066)
  * Docs: Update whats-new-in-v7-4.md (#31069)
  * Added hyperlinks to Graphite documentation (#31064)
  * DashboardSettings: Update to new form styles (#31022)
  * CDN: Fixing drone CI config (#31052)
  * convert path to posix by default (#31045)
  * DashboardLinks: Fixes crash when link has no title (#31008)
  * Alerting: Fixes so notification channels are properly deleted (#31040)
  * Explore: Remove emotion error when displaying logs (#31026)
  * Elasticsearch: Fix alias field value not being shown in query editor (#30992)
  * CDN: Adds uppload to CDN step to drone CI (#30879)
  * Improved glossary (#31004)
  * BarGauge: Improvements to value sizing and table inner width calculations  (#30990)
  * Drone: Fix deployment image (#31027)
  * ColorPicker: migrated styles from sass to emotion (#30909)
  * Dashboard: Migrate general settings to react (#30914)
  * Chore(deps): Bump github.com/jung-kurt/gofpdf from 1.10.1 to 1.16.2 (#30586)
  * Chore(deps): Bump github.com/aws/aws-sdk-go from 1.36.31 to 1.37.7 (#31018)
  * Prometheus: Min step defaults to seconds when no unit is set to prevent errors when running alerts. (#30966)
  * Chore(deps): Bump github.com/magefile/mage from 1.10.0 to 1.11.0 (#31017)
  * Chore(deps): Bump github.com/grpc-ecosystem/go-grpc-middleware (#31013)
  * Graph: Fixes so graph is shown for non numeric time values (#30972)
  * CloudMonitoring: Prevent resource type variable function from crashing (#30901)
  * Chore(deps): Bump google.golang.org/api from 0.33.0 to 0.39.0 (#30971)
  * Build: Releases e2e and e2e-selectors too (#31006)
  * TextPanel: Fixes so panel title is updated when variables change (#30884)
  * Docs: Update configuration.md (login_maximum_inactive_lifetime_duration, login_maximum_lifetime_duration) (#31000)
  * instrumentation: make the first database histogram bucket smaller (#30995)
  * Grafana/UI: Remove DismissableFeatureInfoBox and replace with LocalSt… (#30988)
  * StatPanel: Fixes issue formatting date values using unit option (#30979)
  * Chore(deps): Bump actions/cache from v2 to v2.1.4 (#30973)
  * Units: Fixes formatting of duration units (#30982)
  * Elasticsearch: Show Size setting for raw_data metric (#30980)
  * Alerts: Dedupe alerts so that we do not fill the screen with the same alert messsage (#30935)
  * make sure service and slo display name is passed to segment comp (#30900)
  * assign changes in cloud datasources to the new cloud datasources team (#30645)
  * Table: Updates devenv test dashboard after change to TestData Randrom Table response (#30927)
  * Theme: Use higher order theme color variables rather then is light/dark logic (#30939)
  * Docs: Add alias for what's new in 7.4 (#30945)
  * e2e: extends selector factory to plugins (#30932)
  * Chore: Upgrade docker build image (#30820)
  * Docs: updated developer guide (#29978)
  * Alerts: Update Alert storybook to show more states (#30908)
  * Variables: Adds queryparam formatting option (#30858)
  * Chore: pad unknown values with undefined (#30808)
  * Transformers: add search to transform selection (#30854)
  * Exemplars: change api to reflect latest changes (#30910)
  * docs: use selinux relabelling on docker containers (#27685)
  * Docs: Fix bad image path for alert notification template (#30911)
  * Make value mappings correctly interpret numeric-like strings (#30893)
  * Chore: Update latest.json (#30905)
  * Docs: Update whats-new-in-v7-4.md (#30882)
  * Dashboard: Ignore changes to dashboard when the user session expires (#30897)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0 (#30902)
  * test: add support for timeout to be passed in for addDatasource (#30736)
  * increase page size and make sure the cache supports query params (#30892)
  * DataSourceSettings: Adds info box and link to Grafana Cloud (#30891)
  * OAuth: custom username docs (#28400)
  * Panels: Remove value mapping of values that have been formatted #26763 (#30868)
  * Alerting: Fixes alert panel header icon not showing (#30840)
  * AlertingNG: Edit Alert Definition (#30676)
  * Logging: sourcemap support for frontend stacktraces (#30590)
  * Added 'Restart Grafana' topic. (#30844)
  * Docs: Org, Team, and User Admin (#30756)
  * bump grabpl version to 0.5.36 (#30874)
  * Plugins: Requests validator (#30445)
  * Docs: Update whats-new-in-v7-4.md (#30876)
  * Docs: Add server view folder (#30849)
  * Fixed image name and path  (#30871)
  * Grafana-ui: fixes closing modals with escape key (#30745)
  * InfluxDB: Add http configuration when selecting InfluxDB v2 flavor  (#30827)
  * TestData: Fixes issue with for ever loading state when all queries are hidden (#30861)
  * Chart/Tooltip: refactored style declaration (#30824)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0-beta1 (#30853)
  * Grafana-ui: fixes no data message in Table component (#30821)
  * grafana/ui: Update pagination component for large number of pages (#30151)
  * Alerting: Customise OK notification priorities for Pushover notifier (#30169)
  * DashboardLinks: Support variable expression in to tooltip - Issue #30409 (#30569)
  * Chore: Remove panelTime.html, closes #30097 (#30842)
  * Docs: Time series panel, bar alignment docs (#30780)
  * Chore: add more docs annotations (#30847)
  * Transforms: allow boolean in field calculations (#30802)
  * Prometheus: Add tooltip to explain possibility to use patterns in text and title fields in annotations (#30825)
  * Update prometheus.md with image link fix (#30833)
  * BarChart: inside-align strokes, upgrade uPlot to 1.6.4. (#30806)
  * Update license-expiration.md (#30839)
  * Explore rewrite (#30804)
  * Prometheus: Set type of labels to string (#30831)
  * GrafanaUI: Add a way to persistently close InfoBox (#30716)
  * Fix typo in transformer registry (#30712)
  * Elasticsearch: Display errors with text responses (#30122)
  * CDN: Fixes cdn path when Grafana is under sub path (#30822)
  * TraceViewer: Fix lazy loading (#30700)
  * FormField: migrated sass styling to emotion (#30392)
  * AlertingNG: change API permissions (#30781)
  * Variables: Clears drop down state when leaving dashboard (#30810)
  * Grafana-UI: Add story/docs for ErrorBoundary (#30304)
  * Add missing callback dependency (#30797)
  * PanelLibrary: Adds library panel meta information to dashboard json (#30770)
  * Chore(deps): Bump gonum.org/v1/gonum from 0.6.0 to 0.8.2 (#30343)
  * Chore(deps): Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 (#30771)
  * GraphNG: improve behavior when switching between solid/dash/dots (#30796)
  * Chore(deps): Bump github.com/hashicorp/go-hclog from 0.14.1 to 0.15.0 (#30778)
  * Add width for Variable Editors (#30791)
  * Chore: Remove warning when calling resource (#30752)
  * Auth: Use SigV4 lib from grafana-aws-sdk  (#30713)
  * Panels: Fixes so panels are refreshed when scrolling past them fast (#30784)
  * GraphNG: add bar alignment option (#30499)
  * Expressions: Measure total transformation requests and elapsed time (#30514)
  * Menu: Mark menu components as internal (#30740)
  * TableInputCSV: migrated styles from sass to emotion (#30554)
  * CDN: Fix passing correct prefix to GetContentDeliveryURL (#30777)
  * Chore(deps): Bump gopkg.in/ini.v1 from 1.57.0 to 1.62.0 (#30772)
  * CDN: Adds support for serving assets over a CDN (#30691)
  * PanelEdit: Trigger refresh when changing data source (#30744)
  * Chore: remove __debug_bin (#30725)
  * BarChart: add alpha bar chart panel (#30323)
  * Docs: Time series panel (#30690)
  * Backend Plugins: Convert test data source to use SDK contracts (#29916)
  * Docs: Update whats-new-in-v7-4.md (#30747)
  * Add link to Elasticsearch docs. (#30748)
  * Mobile: Fixes issue scrolling on mobile in chrome (#30746)
  * TagsInput: Make placeholder configurable (#30718)
  * Docs: Add config settings for fonts in reporting (#30421)
  * Add menu.yaml to .gitignore (#30743)
  * bump cypress to 6.3.0 (#30644)
  * Datasource: Use json-iterator configuration compatible with standard library (#30732)
  * AlertingNG: Update UX to use new PageToolbar component (#30680)
  * Docs: Add usage insights export feature (#30376)
  * skip symlinks to directories when generating plugin manifest (#30721)
  * PluginCiE2E: Upgrade base images (#30696)
  * Variables: Fixes so text format will show All instead of custom all (#30730)
  * PanelLibrary: better handling of deleted panels (#30709)
  * Added section 'Curated dashboards for Google Cloud Monitoring' for 7.4 What's New (#30724)
  * Added 'curated dashboards' information and broke down, rearranged topics. (#30659)
  * Transform: improve the 'outer join' performance/behavior (#30407)
  * Add alt text to plugin logos (#30710)
  * Deleted menu.yaml file (#30717)
  * Dashboard: Top Share URL icon should share panel URL when on viewPanel page (#30000)
  * Added entry for web server. (#30715)
  * DashboardPicker: switch to promise-based debounce, return dashboard UID (#30706)
  * Use connected GraphNG in Explore (#30707)
  * Fix documentation for streaming data sources (#30704)
  * PanelLibrary: changes casing of responses and adds meta property (#30668)
  * Influx: Show all datapoints for dynamically windowed flux query (#30688)
  * Trace: trace to logs design update (#30637)
  * DeployImage: Switch base images to Debian (#30684)
  * Chore: remove CSP debug logging line (#30689)
  * Docs: 7.4 documentation for expressions (#30524)
  * PanelEdit: Get rid of last remaining usage of navbar-button (#30682)
  * Grafana-UI: Fix setting default value for MultiSelect (#30671)
  * CustomScrollbar: migrated styles from sass to emotion (#30506)
  * DashboardSettings & PanelEdit: Use new PageToolbar (#30675)
  * Explore: Fix jumpy live tailing (#30650)
  * ci(npm-publish): add missing github package token to env vars (#30665)
  * PageToolbar: Extracting navbar styles & layout into a modern emotion based component (#30588)
  * AlertingNG: pause/unpause definitions via the API (#30627)
  * Docs: Refer to product docs in whats new for alerting templating feature (#30652)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0-beta1 (#30666)
  * Variables: Fixes display value when using capture groups in regex (#30636)
  * Docs: Update _index.md (#30655)
  * Docs: Auditing updates (#30433)
  * Docs: add hidden_users configuration field (#30435)
  * Docs: Define TLS/SSL terminology (#30533)
  * Docs: Fix expressions enabled description (#30589)
  * Docs: Update ES screenshots (#30598)
  * Licensing Docs: Adding license restrictions docs (#30216)
  * Update documentation-style-guide.md (#30611)
  * Docs: Update queries.md (#30616)
  * chore(grafana-ui): bump storybook to 6.1.15 (#30642)
  * DashboardSettings: fixes vertical scrolling (#30640)
  * Usage Stats: Remove unused method for getting user stats (#30074)
  * Grafana/UI: Unit picker should not set a category as unit (#30638)
  * Graph: Fixes auto decimals issue in legend and tooltip (#30628)
  * AlertingNG: List saved Alert definitions in Alert Rule list (#30603)
  * chore: bump redux toolkit to 1.5.0 for immer 8.0.1 vulnerability fix (#30605)
  * Grafana/UI: Add disable prop to Segment (#30539)
  * Variables: Fixes so queries work for numbers values too (#30602)
  * Admin: Fixes so form values are filled in from backend (#30544)
  * Docs: Add new override info and add whats new 7.4 links (#30615)
  * TestData: Improve what's new in v7.4 (#30612)
  * Docs: Update 7.4 What's New to use more correct description of alerting notification template feature (#30502)
  * NodeGraph: Add docs (#30504)
  * Loki: Improve live tailing errors and fix Explore's logs container type errors (#30517)
  * TimeRangePicker: Updates components to use new ToolbarButton & ButtonGroup (#30570)
  * Update styling.md guide (#30594)
  * TestData: Adding what's new in v7.4 to the devenv dashboards (#30568)
  * Chore(deps): Bump github.com/aws/aws-sdk-go from 1.35.5 to 1.36.31 (#30583)
  * Chore(deps): Bump github.com/prometheus/client_golang (#30585)
  * Chore(deps): Bump gopkg.in/macaron.v1 from 1.3.9 to 1.4.0 (#30587)
  * Chore(deps): Bump github.com/google/uuid from 1.1.5 to 1.2.0 (#30584)
  * Explore: Fix logs hover state so that it is visible and in dark mode & simply hover code (#30572)
  * RefreshPicker: Fixes so valid intervals in url are visible in RefreshPicker (#30474)
  * Add documentation for Exemplars (#30317)
  * OldGraph: Fix height issue in Firefox (#30565)
  * XY Chart: fix editor error with empty frame (no fields) (#30573)
  * ButtonSelect & RefreshPicker: Rewrite of components to use new emotion based ToolbarButton & Menu (#30510)
  * XY Chart: share legend config with timeseries (#30559)
  * configuration.md: Document Content Security Policy options (#30413)
  * DataFrame: cache frame/field index in field state (#30529)
  * List + before -; rm old Git ref; reformat. (#30543)
  * Expressions: Add option to disable feature (#30541)
  * Explore: Fix loading visualisation on the top of the new time series panel (#30553)
  * Prometheus: Fix show query instead of Value if no __name__ and metric (#30511)
  * Decimals: Big Improvements to auto decimals and fixes to auto decimals bug found in 7.4-beta1  (#30519)
  * Postgres: Convert tests to stdlib (#30536)
  * Storybook: Migrate card story to use controls  (#30535)
  * AlertingNG: Enable UI to Save Alert Definitions (#30394)
  * Postgres: Be consistent about TLS/SSL terminology (#30532)
  * Loki: Append refId to logs uid (#30418)
  * Postgres: Fix indentation (#30531)
  * GraphNG: uPlot 1.6.3 (fix bands not filling below 0). close #30523. (#30527)
  * updates for e2e docker image (#30465)
  * GraphNG: uPlot 1.6.2 (#30521)
  * Docs: Update whats-new-in-v7-4.md (#30520)
  * Prettier: ignore build and devenv dirs (#30501)
  * Chore: Upgrade grabpl version (#30486)
  * Explore: Update styling of buttons (#30493)
  * Cloud Monitoring: Fix legend naming with display name override (#30440)
  * GraphNG: Disable Plot logging by default (#30390)
  * Admin: Fixes so whole org drop down is visible when adding users to org (#30481)
  * Docs: include Makefile option for local assets (#30455)
  * Footer: Fixes layout issue in footer  (#30443)
  * TimeSeriesPanel: Fixed default value for gradientMode (#30484)
  * Docs: fix typo in what's new doc (#30489)
  * Chore: adds wait to e2e test (#30488)
  * chore: update packages dependent on dot-prop to fix security vulnerability (#30432)
  * Dashboard: Remove Icon and change copy -> Copy to clipboard in the share embedded panel modal (#30480)
  * Chore: fix spelling mistake (#30473)
  * Chore: Restrict internal imports from other packages (#30453)
  * Docs: What's new fixes and improvements (#30469)
  * Timeseries: only migrage point size when configured (#30461)
  * Alerting: Hides threshold handle for percentual thresholds (#30431)
  * Graph: Fixes so only users with correct permissions can add annotations (#30419)
  * Chore: update latest version to 7.4.0-beta1 (#30452)
  * Docs: Add whats new 7.4 links (#30463)
  * Update whats-new-in-v7-4.md (#30460)
  * docs: 7.4 what's new (Add expressions note) (#30446)
  * Chore: Upgrade build pipeline tool (#30456)
  * PanelModel: Make sure the angular options are passed to react panel type changed handler (#30441)
  * Expressions: Fix button icon (#30444)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0-beta1 (#30449)
  * Docs: Fix img link for alert notification template (#30436)
  * grafana/ui: Fix internal import from grafana/data (#30439)
  * prevent field config from being overwritten (#30437)
  * PanelOptions: Refactoring applying panel and field options out of PanelModel and add property clean up for properties not in field config registry  (#30389)
  * Dashboard: Remove template variables option from ShareModal (#30395)
  * Added doc content for variables inspector code change by Hugo (#30408)
  * Docs: update license expiration behavior for reporting (#30420)
  * Chore: use old version format in package.json (#30430)
  * Chore: upgrade NPM security vulnerabilities (#30397)
  * 'Release: Updated versions in package to 7.5.0-pre.0' (#30428)
  * contribute: Add backend and configuration guidelines for PRs (#30426)
  * Chore: Update what's new URL (#30424)
- Update to version 7.4.5
- CVE-2021-28146, CVE-2021-28147: Fix API permissions issues related to team-sync. (Enterprise) (bsc#1183811, bsc#1183809)
- CVE-2021-28148: Usage insights requires signed in users. (Enterprise) (bsc#1183813)
- CVE-2021-27962: Do not allow editors to incorrectly bypass permissions on the default data source. (Enterprise) (bsc#1184371)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2689-1
Released:    Mon Aug 16 10:54:52 2021
Summary:     Security update for cpio
Type:        security
Severity:    important
References:  1189206,CVE-2021-38185
This update for cpio fixes the following issues:

It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2763-1
Released:    Tue Aug 17 17:16:22 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465
This update for cpio fixes the following issues:

- A regression in last update would cause builds to hang on various architectures(bsc#1189465)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2780-1
Released:    Thu Aug 19 16:09:15 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465,CVE-2021-38185
This update for cpio fixes the following issues:

- A regression in the previous update could lead to crashes (bsc#1189465)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2800-1
Released:    Fri Aug 20 10:43:04 2021
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1188571,CVE-2021-36222
This update for krb5 fixes the following issues:

- CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2831-1
Released:    Tue Aug 24 16:20:45 2021
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1189521,CVE-2021-3712
This update for openssl-1_1 fixes the following security issue:

- CVE-2021-3712: a bug in the code for printing certificate details could
  lead to a buffer overrun that a malicious actor could exploit to crash
  the application, causing a denial-of-service attack. [bsc#1189521]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2938-1
Released:    Fri Sep  3 09:19:36 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1184614

This update for openldap2 fixes the following issue:

- openldap2-contrib is shipped to the Legacy Module. (bsc#1184614)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2968-1
Released:    Tue Sep  7 09:53:00 2021
Summary:     Security update for openssl-1_1
Type:        security
Severity:    low
References:  1189521,CVE-2021-3712
This update for openssl-1_1 fixes the following issues:

- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. 
  Read buffer overruns processing ASN.1 strings (bsc#1189521).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3001-1
Released:    Thu Sep  9 15:08:13 2021
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    moderate
References:  1189683
This update for netcfg fixes the following issues:

- add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3182-1
Released:    Tue Sep 21 17:04:26 2021
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1189996
This update for file fixes the following issues:

- Fixes exception thrown by memory allocation problem (bsc#1189996)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3297-1
Released:    Wed Oct  6 16:53:29 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1190373,1190374,CVE-2021-22946,CVE-2021-22947
This update for curl fixes the following issues:

- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3348-1
Released:    Tue Oct 12 13:08:06 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1134353,1171962,1184994,1188018,1188063,1188291,1188713,1189480,1190234,CVE-2021-33910
This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed use of strdupa() on a path (bsc#1188063).

- logind: terminate cleanly on SIGTERM/SIGINT (bsc#1188018).
- Adopting BFQ to control I/O (jsc#SLE-21032, bsc#1134353).
- Rules weren't applied to dm devices (multipath) (bsc#1188713).
- Ignore obsolete 'elevator' kernel parameter (bsc#1184994, bsc#1190234).
- Make sure the versions of both udev and systemd packages are always the same (bsc#1189480).
- Avoid error message when udev is updated due to udev being already active when the sockets are started again (bsc#1188291).
- Allow the systemd sysusers config files to be overriden during system installation (bsc#1171962).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3385-1
Released:    Tue Oct 12 15:54:31 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1186489,1187911,CVE-2021-33574,CVE-2021-35942
This update for glibc fixes the following issues:

- CVE-2021-35942: wordexp: handle overflow in positional parameter number (bsc#1187911)
- CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3454-1
Released:    Mon Oct 18 09:29:26 2021
Summary:     Security update for krb5
Type:        security
Severity:    moderate
References:  1189929,CVE-2021-37750
This update for krb5 fixes the following issues:

- CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field (bsc#1189929).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3480-1
Released:    Wed Oct 20 11:24:10 2021
Summary:     Recommended update for yast2-network
Type:        recommended
Severity:    moderate
References:  1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933
This update for yast2-network fixes the following issues:

- Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915).
- Fix the shown description using the interface friendly name when it is empty (bsc#1190933).
- Consider aliases sections as case insensitive (bsc#1190739).
- Display user defined device name in the devices overview (bnc#1190645).
- Don't crash when defined aliases in AutoYaST profile are not defined as a map (bsc#1188344).
- Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910).
- Fix desktop file so the control center tooltip is translated (bsc#1187270).
- Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016).
- Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3490-1
Released:    Wed Oct 20 16:31:55 2021
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1190793,CVE-2021-39537
This update for ncurses fixes the following issues:

- CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3494-1
Released:    Wed Oct 20 16:48:46 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1190052
This update for pam fixes the following issues:

- Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638)
- Added new file macros.pam on request of systemd. (bsc#1190052)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3510-1
Released:    Tue Oct 26 11:22:15 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    important
References:  1191987
This update for pam fixes the following issues:

- Fixed a bad directive file which resulted in
  the 'securetty' file to be installed as 'macros.pam'.
  (bsc#1191987)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3523-1
Released:    Tue Oct 26 15:40:13 2021
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1122417,1125886,1178236,1188921,CVE-2021-37600
This update for util-linux fixes the following issues:

Update to version 2.33.2 to provide seamless update from SLE12 SP5 to SLE15 SP2:

- CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c (bsc#1188921).
- agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
- mount: Fix 'mount' output for net file systems (bsc#1122417).
- ipcs: Avoid overflows (bsc#1178236)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3529-1
Released:    Wed Oct 27 09:23:32 2021
Summary:     Security update for pcre
Type:        security
Severity:    moderate
References:  1172973,1172974,CVE-2019-20838,CVE-2020-14155
This update for pcre fixes the following issues:

Update pcre to version 8.45:

- CVE-2020-14155: Fixed integer overflow via a large number after a '(?C' substring (bsc#1172974).
- CVE-2019-20838: Fixed buffer over-read in JIT compiler (bsc#1172973)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3781-1
Released:    Tue Nov 23 23:48:43 2021
Summary:     This update for libzypp, zypper and libsolv fixes the following issues:
Type:        recommended
Severity:    moderate
References:  1153687,1182372,1183268,1183589,1184326,1184399,1184997,1185325,1186447,1186503,1186602,1187224,1187425,1187466,1187738,1187760,1188156,1188435,1189031,1190059,1190199,1190356,1190465,1190712,1190815,1191286,1191324,1191370,1191609,1192337,1192436
This update for zypper fixes the following issues:

- Manpage: Recommend the needs-rebooting command to test whether a system reboot is suggested.
- Let a patch's reboot-needed flag overrule included packages. (bsc#1183268)
- Quickfix setting 'openSUSE_Tumbleweed' as default platform for 'MicroOS'. (bsc#1153687)
- Protect against strict/relaxed user umask via sudo. (bsc#1183589)
- xml summary: Add solvables repository alias. (bsc#1182372)
- Allow trusted repos to add additional signing keys. (bsc#1184326)
- MediaCurl: Fix logging of redirects.
- Let negative values wait forever for the zypp lock. (bsc#1184399)
- Fix 'purge-kernels' is broken in Leap 15.3. (bsc#1185325)
- Fix service detection with cgroupv2. (bsc#1184997)
- Add hints to 'trust GPG key' prompt.
- Enhance XML output of repo GPG options
- Add optional attributes showing the raw values actually present in the '.repo' file.
- Link all executables with -pie (bsc#1186447)
- Ship an empty '/etc/zypp/needreboot' per default. (jsc#PM-2645)
- Fix solver jobs for PTFs. (bsc#1186503)
- choice rules: treat orphaned packages as newest. (bc#1190465)
- Add need reboot/restart hint to XML install summary. (bsc#1188435)
- Fix kernel-*-livepatch removal in purge-kernels. (bsc#1190815)
- Fix obs:// platform guessing for Leap. (bsc#1187425)
- Fix purge-kernels fails. (bsc#1187738)
- Do not download full files even if the checkExistsOnly flag is set. (bsc#1190712)
- Prompt: choose exact match if prompt options are not prefix free. (bsc#1188156)
- Do not check of signatures and keys two times(redundant). (bsc#1190059)
- Rephrase vendor conflict message in case 2 packages are involved. (bsc#1187760)
- Show key fpr from signature when signature check fails. (bsc#1187224)
- Make sure to keep states alives while transitioning. (bsc#1190199)
- Fix crashes in logging code when shutting down. (bsc#1189031)
- Manpage: Improve description about patch updates. (bsc#1187466)
- Avoid calling 'su' to detect a too restrictive sudo user umask. (bsc#1186602)
- Consolidate reboot-recommendations across tools and stop using /etc/zypp/needreboot (jsc#-SLE-18858)
- Disable logger in the child after fork (bsc#1192436)
- Check log writer before accessing it (bsc#1192337)
- Allow uname-r format in purge kernels keepspec
- zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Use procfs to detect nr of open fd's if rlimit is too high (bsc#1191324)
- Fix translations (bsc#1191370)
- RepoManager: Don't probe for plaindir repo if URL schema is plugin (bsc#1191286)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3799-1
Released:    Wed Nov 24 18:07:54 2021
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1187153,1187273,1188623
This update for gcc11 fixes the following issues:

The additional GNU compiler collection GCC 11 is provided:

To select these compilers install the packages:

- gcc11
- gcc-c++11
- and others with 11 prefix.

to select them for building:

- CC='gcc-11'
- CXX='g++-11'

The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3809-1
Released:    Fri Nov 26 00:31:59 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1189803,1190325,1190440,1190984,1191252,1192161
This update for systemd fixes the following issues:

- Add timestamp to D-Bus events to improve traceability (jsc#SLE-21862, jsc#SLE-18102, jsc#SLE-18103)
- Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161)
- shutdown: Reduce log level of unmounts (bsc#1191252)
- pid1: make use of new 'prohibit_ipc' logging flag in PID 1 (bsc#1189803)
- core: rework how we connect to the bus (bsc#1190325)
- mount-util: fix fd_is_mount_point() when both the parent and directory are network fs (bsc#1190984)
- virt: detect Amazon EC2 Nitro instance (bsc#1190440)
- Several fixes for umount
- busctl: use usec granularity for the timestamp printed by the busctl monitor command
- fix unitialized fields in MountPoint in dm_list_get()
- shutdown: explicitly set a log target
- mount-util: add mount_option_mangle()
- dissect: automatically mark partitions read-only that have a read-only file system
- build-sys: require proper libmount version
- systemd-shutdown: use log_set_prohibit_ipc(true)
- rationalize interface for opening/closing logging
- pid1: when we can't log to journal, remember our fallback log target
- log: remove LOG_TARGET_SAFE pseudo log target
- log: add brief comment for log_set_open_when_needed() and log_set_always_reopen_console()
- log: add new 'prohibit_ipc' flag to logging system
- log: make log_set_upgrade_syslog_to_journal() take effect immediately
- dbus: split up bus_done() into seperate functions
- machine-id-setup: generate machine-id from DMI product ID on Amazon EC2
- virt: if we detect Xen by DMI, trust that over CPUID

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3830-1
Released:    Wed Dec  1 13:45:46 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1027496,1183085,CVE-2016-10228

This update for glibc fixes the following issues:


- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085) 
- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3891-1
Released:    Fri Dec  3 10:21:49 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1029961,1113013,1187654
This update for keyutils fixes the following issues:

- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

* Revert the change notifications that were using /dev/watch_queue.
* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
* Allow 'keyctl supports' to retrieve raw capability data.
* Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.
* Allow 'keyctl new_session' to name the keyring.
* Allow 'keyctl add/padd/etc.' to take hex-encoded data.
* Add 'keyctl watch*' to expose kernel change notifications on keys.
* Add caps for namespacing and notifications.
* Set a default TTL on keys that upcall for name resolution.
* Explicitly clear memory after it's held sensitive information.
* Various manual page fixes.
* Fix C++-related errors.
* Add support for keyctl_move().
* Add support for keyctl_capabilities().
* Make key=val list optional for various public-key ops.
* Fix system call signature for KEYCTL_PKEY_QUERY.
* Fix 'keyctl pkey_query' argument passing.
* Use keyctl_read_alloc() in dump_key_tree_aux().
* Various manual page fixes. 

Updated to 1.6:

* Apply various specfile cleanups from Fedora.
* request-key: Provide a command line option to suppress helper execution.
* request-key: Find least-wildcard match rather than first match.
* Remove the dependency on MIT Kerberos.
* Fix some error messages
* keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
* Fix doc and comment typos.
* Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
* Add pkg-config support for finding libkeyutils.
* upstream isn't offering PGP signatures for the source tarballs anymore

Updated to 1.5.11 (bsc#1113013)

* Add keyring restriction support.
* Add KDF support to the Diffie-Helman function.
* DNS: Add support for AFS config files and SRV records
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3899-1
Released:    Fri Dec  3 11:27:41 2021
Summary:     Security update for aaa_base
Type:        security
Severity:    moderate
References:  1162581,1174504,1191563,1192248
This update for aaa_base fixes the following issues:

- Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504).
- Add $HOME/.local/bin to PATH, if it exists (bsc#1192248).
- Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563).
- Support xz compressed kernel (bsc#1162581)   

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2021:3925-1
Released:    Fri Dec  3 14:20:36 2021
Summary:     Feature update for SUSE Manager Client Tools
Type:        feature
Severity:    moderate
References:  1191194
This update fixes the following issues:

prometheus-blackbox_exporter:

- Provide 'prometheus-blackbox_exporter' version 0.19.0 (jsc#SLE-22351)
- Use '%set_permissions' and '%verify_permissions' for SUSE Linux Enterprise 12 (bsc#1191194)
- Set 'CAP_NET_RAW' capability to allow ICMP requests

grafana:

- Add URL to package source code in the login page footer

spacecmd:

- Update translation strings

spacewalk-client-tools:

- Update translation strings

zypp-plugin-spacewalk:

- Use proxy configured in 'up2date' config when it is defined
- Added RHEL8 build.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3930-1
Released:    Mon Dec  6 11:16:10 2021
Summary:     Recommended update for curl
Type:        recommended
Severity:    moderate
References:  1192790
This update for curl fixes the following issues:

- Fix sftp via proxy failure in curl, by preventing libssh from creating socket (bsc#1192790)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3946-1
Released:    Mon Dec  6 14:57:42 2021
Summary:     Security update for gmp
Type:        security
Severity:    moderate
References:  1192717,CVE-2021-43618
This update for gmp fixes the following issues:
    
- CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4017-1
Released:    Tue Dec 14 07:26:55 2021
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1180995
This update for openssl-1_1 fixes the following issues:

- Add RFC3526 and RFC7919 groups to 'openssl genpkey' so that it can output FIPS-appropriate parameters 
  consistently with our other codestreams (bsc#1180995)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4139-1
Released:    Tue Dec 21 17:02:44 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    critical
References:  1193481,1193521
This update for systemd fixes the following issues:

- Revert 'core: rework how we connect to the bus' (bsc#1193521 bsc#1193481)
  sleep-config: partitions can't be deleted, only files can
  shared/sleep-config: exclude zram devices from hibernation candidates

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4154-1
Released:    Wed Dec 22 11:02:38 2021
Summary:     Security update for p11-kit
Type:        security
Severity:    important
References:  1180064,1187993,CVE-2020-29361
This update for p11-kit fixes the following issues:

- CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064)
- Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4182-1
Released:    Thu Dec 23 11:51:51 2021
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1192688
This update for zlib fixes the following issues:

- Fix hardware compression incorrect result on z15 hardware (bsc#1192688)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4-1
Released:    Mon Jan  3 08:28:54 2022
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  1193480
This update for libgcrypt fixes the following issues:

- Fix function gcry_mpi_sub_ui subtracting from negative value (bsc#1193480)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:57-1
Released:    Wed Jan 12 07:10:42 2022
Summary:     Recommended update for libzypp
Type:        recommended
Severity:    moderate
References:  1193488,954813
This update for libzypp fixes the following issues:
    
- Use the default zypp.conf settings if no zypp.conf exists (bsc#1193488)
- Fix wrong encoding of URI compontents of ISO images (bsc#954813)
- When invoking 32bit mode in userland of an aarch64 kernel, handle armv8l as armv7hl compatible
- Introduce zypp-curl as a sublibrary for CURL related code
- zypp-rpm: Increase rpm loglevel if ZYPP_RPM_DEBUG is set
- Save all signatures associated with a public key in its PublicKeyData

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:139-1
Released:    Thu Jan 20 13:24:56 2022
Summary:     Security update for grafana
Type:        security
Severity:    important
References:  1191454,1193688,CVE-2021-39226,CVE-2021-43813
This update for grafana fixes the following issues:

- CVE-2021-39226: Fixed snapshot authentication bypass (bsc#1191454)
- CVE-2021-43813: Fixed markdown path traversal (bsc#1193688)


The following package changes have been done:

- aaa_base-84.87+git20180409.04c9dae-3.52.1 updated
- bash-4.4-9.14.1 updated
- cpio-2.12-3.9.1 updated
- file-magic-5.32-7.14.1 updated
- filesystem-15.0-11.3.2 updated
- glibc-2.26-13.62.1 updated
- gpg2-2.2.5-4.19.8 updated
- grafana-7.5.12-1.27.1 updated
- krb5-1.16.3-3.24.1 updated
- libaugeas0-1.10.1-3.3.1 updated
- libblkid1-2.33.2-4.16.1 updated
- libbz2-1-1.0.6-5.11.1 updated
- libcap2-2.26-4.6.1 updated
- libcom_err2-1.43.8-4.26.1 updated
- libcurl4-7.60.0-28.1 updated
- libfdisk1-2.33.2-4.16.1 updated
- libgcc_s1-11.2.1+git610-1.3.9 updated
- libgcrypt20-1.8.2-8.42.1 updated
- libglib-2_0-0-2.54.3-4.24.1 updated
- libgmp10-6.1.2-4.9.1 updated
- libgnutls30-3.6.7-6.40.2 updated
- libhogweed4-3.4.1-4.18.1 updated
- libidn2-0-2.2.0-3.6.1 updated
- libkeyutils1-1.6.3-5.6.1 updated
- libldap-2_4-2-2.4.46-9.58.1 updated
- libldap-data-2.4.46-9.58.1 updated
- liblua5_3-5-5.3.6-3.6.1 updated
- liblz4-1-1.8.0-3.8.1 updated
- libmagic1-5.32-7.14.1 updated
- libmount1-2.33.2-4.16.1 updated
- libncurses6-6.1-5.9.1 updated
- libnettle6-3.4.1-4.18.1 updated
- libnghttp2-14-1.40.0-3.11.1 updated
- libopenssl1_1-1.1.0i-14.24.3 updated
- libp11-kit0-0.23.2-4.13.1 updated
- libpcre1-8.45-20.10.1 updated
- libprocps7-3.3.15-7.19.1 updated
- libprotobuf-lite15-3.5.0-5.2.1 added
- libreadline7-7.0-9.14.1 updated
- libselinux1-2.8-8.3.1 updated
- libsigc-2_0-0-2.10.0-3.7.1 updated
- libsmartcols1-2.33.2-4.16.1 updated
- libsolv-tools-0.7.20-4.3.1 updated
- libsqlite3-0-3.36.0-3.12.1 updated
- libstdc++6-11.2.1+git610-1.3.9 updated
- libsystemd0-234-24.102.1 updated
- libudev1-234-24.102.1 updated
- libuuid1-2.33.2-4.16.1 updated
- libxml2-2-2.9.7-3.37.1 updated
- libz1-1.2.11-3.24.1 updated
- libzstd1-1.4.4-1.6.1 updated
- libzypp-17.29.0-3.64.1 updated
- ncurses-utils-6.1-5.9.1 updated
- netcfg-11.6-3.3.1 updated
- pam-1.3.0-6.50.1 updated
- procps-3.3.15-7.19.1 updated
- sed-4.4-4.3.1 updated
- sles-release-15.1-66.1 added
- system-user-grafana-1.0.0-3.9.1 added
- terminfo-base-6.1-5.9.1 updated
- util-linux-2.33.2-4.16.1 updated
- zypper-1.14.50-3.46.1 updated
- container:sles15-image-15.0.0-6.2.559 updated
- blog-2.18-4.11 removed
- ca-certificates-2+git20170807.10b2785-7.3.3 removed
- ca-certificates-mozilla-2.44-4.29.1 removed
- dbus-1-1.12.2-8.3.1 removed
- kbd-2.0.4-8.3.1 removed
- kbd-legacy-2.0.4-8.3.1 removed
- kmod-25-6.7.1 removed
- libapparmor1-2.12.3-7.20.1 removed
- libargon2-1-0.0+git20171227.670229c-2.14 removed
- libcryptsetup12-2.0.6-4.3.1 removed
- libdbus-1-3-1.12.2-8.3.1 removed
- libdevmapper1_03-1.02.149-12.28.1 removed
- libexpat1-2.2.5-3.6.1 removed
- libjson-c3-0.13-1.19 removed
- libkmod2-25-6.7.1 removed
- libqrencode4-4.0.0-1.17 removed
- libseccomp2-2.4.1-3.3.1 removed
- openssl-1.1.0i-3.3.1 removed
- openssl-1_1-1.1.0i-14.12.1 removed
- p11-kit-0.23.2-4.8.3 removed
- p11-kit-tools-0.23.2-4.8.3 removed
- pam-config-0.96-5.17 removed
- pkg-config-0.29.2-1.436 removed
- systemd-234-24.64.1 removed
- systemd-presets-branding-SLE-15.1-20.5.1 removed
- systemd-presets-common-SUSE-15-6.10 removed
- sysvinit-tools-2.88+-1.26 removed
- udev-234-24.64.1 removed
- update-alternatives-1.19.0.4-2.48 removed


More information about the sle-security-updates mailing list