SUSE-SU-2022:2134-1: important: Security update for SUSE Manager Client Tools

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Jun 20 16:39:26 UTC 2022


   SUSE Security Update: Security update for SUSE Manager Client Tools
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:2134-1
Rating:             important
References:         #1181223 #1181400 #1190462 #1190535 #1193600 
                    #1194873 #1195726 #1195727 #1195728 #1196338 
                    #1196704 #1197507 #1197689 SLE-23422 SLE-23439 
                    SLE-24077 SLE-24238 SLE-24239 
Cross-References:   CVE-2021-36222 CVE-2021-3711 CVE-2021-39226
                    CVE-2021-41174 CVE-2021-41244 CVE-2021-43798
                    CVE-2021-43813 CVE-2021-43815 CVE-2022-21673
                    CVE-2022-21698 CVE-2022-21702 CVE-2022-21703
                    CVE-2022-21713
CVSS scores:
                    CVE-2021-36222 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-36222 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3711 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3711 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-39226 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
                    CVE-2021-39226 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
                    CVE-2021-41174 (NVD) : 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
                    CVE-2021-41174 (SUSE): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
                    CVE-2021-41244 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-41244 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2021-43798 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-43798 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-43813 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-43813 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-43815 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-43815 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-21673 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-21673 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-21698 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-21698 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-21702 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
                    CVE-2022-21702 (SUSE): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
                    CVE-2022-21703 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-21703 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
                    CVE-2022-21713 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-21713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:
                    HPE Helion Openstack 8
                    SUSE Linux Enterprise Server 12-SP3-BCL
                    SUSE Linux Enterprise Server 12-SP3-LTSS
                    SUSE Linux Enterprise Server 12-SP4-LTSS
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP 12-SP3
                    SUSE Linux Enterprise Server for SAP 12-SP4
                    SUSE Manager Tools 12
                    SUSE OpenStack Cloud 8
                    SUSE OpenStack Cloud 9
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud Crowbar 9
______________________________________________________________________________

   An update that fixes 13 vulnerabilities, contains 5
   features is now available.

Description:

   This update fixes the following issues:

   golang-github-QubitProducts-exporter_exporter:

   - Adapted to build on Enterprise Linux.
   - Fix build for RedHat 7
   - Require Go >= 1.14 also for CentOS
   - Add support for CentOS
   - Replace %{?systemd_requires} with %{?systemd_ordering}

   golang-github-prometheus-alertmanager:

   - CVE-2022-21698: Denial of service using InstrumentHandlerCounter.
     * Update vendor tarball with prometheus/client_golang 1.11.1
       (bsc#1196338, jsc#SLE-24077)
   - Update required Go version to 1.16
   - Update to version 0.23.0:
     * amtool: Detect version drift and warn users (#2672)
     * Add ability to skip TLS verification for amtool (#2663)
     * Fix empty isEqual in amtool. (#2668)
     * Fix main tests (#2670)
     * cli: add new template render command (#2538)
     * OpsGenie: refer to alert instead of incident (#2609)
     * Docs: target_match and source_match are DEPRECATED (#2665)
     * Fix test not waiting for cluster member to be ready
   - Added hardening to systemd service(s) (bsc#1181400)

   golang-github-prometheus-node_exporter:

   - CVE-2022-21698: Denial of service using InstrumentHandlerCounter.
     * Update vendor tarball with prometheus/client_golang 1.11.1
       (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)
   - Update to 1.3.0
     * [CHANGE] Add path label to rapl collector #2146
     * [CHANGE] Exclude filesystems under /run/credentials #2157
     * [CHANGE] Add TCPTimeouts to netstat default filter #2189
     * [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
     * [FEATURE] Add darwin powersupply collector #1777
     * [FEATURE] Add support for monitoring GPUs on Linux #1998
     * [FEATURE] Add Darwin thermal collector #2032
     * [FEATURE] Add os release collector #2094
     * [FEATURE] Add netdev.address-info collector #2105
     * [FEATURE] Add clocksource metrics to time collector #2197
     * [ENHANCEMENT] Support glob textfile collector directories #1985
     * [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
     * [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
     * [ENHANCEMENT] Add flag to disable guest CPU metrics #2123
     * [ENHANCEMENT] Add DMI collector #2131
     * [ENHANCEMENT] Add threads metrics to processes collector #2164
     * [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector
       #2169
     * [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
     * [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
     * [BUGFIX] ethtool: Sanitize metric names #2093
     * [BUGFIX] Fix ethtool collector for multiple interfaces #2126
     * [BUGFIX] Fix possible panic on macOS #2133
     * [BUGFIX] Collect flag_info and bug_info only for one core #2156
     * [BUGFIX] Prevent duplicate ethtool metric names #2187
   - Update to 1.2.2
     * Bug fixes Fix processes collector long int parsing #2112
   - Update to 1.2.1
     * Removed Remove obsolete capture permission denied error patch that is
       already included upstream Fix zoneinfo parsing prometheus/procfs#386
       Fix nvme collector log noise #2091 Fix rapl collector log noise #2092
   - Update to 1.2.0
     * Changes Rename filesystem collector flags to match other collectors
       #2012 Make node_exporter print usage to STDOUT #203
     * Features Add conntrack statistics metrics #1155 Add ethtool stats
       collector #1832 Add flag to ignore network speed if it is unknown
       #1989 Add tapestats collector for Linux #2044 Add nvme collector #2062
     * Enhancements Add ErrorLog plumbing to promhttp #1887 Add more
       Infiniband counters #2019 netclass: retrieve interface names and
       filter before parsing #2033 Add time zone offset metric #2060 Handle
       errors from disabled PSI subsystem #1983 Fix panic when using
       backwards compatible flags #2000 Fix wrong value for OpenBSD memory
       buffer cache #2015 Only initiate collectors once #2048 Handle small
       backwards jumps in CPU idle #2067
   - Apply patch to capture permission denied error for "energy_uj" file
     (bsc#1190535)

   grafana:

   - Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)
     + Security:
       * Fixes XSS vulnerability in handling data sources (bsc#1195726,
         CVE-2022-21702)
       * Fixes cross-origin request forgery vulnerability (bsc#1195727,
         CVE-2022-21703)
       * Fixes Insecure Direct Object Reference vulnerability in Teams API
         (bsc#1195728, CVE-2022-21713)
   - Update to Go 1.17.
   - Add build-time dependency on `wire`.
   - Update license to GNU Affero General Public License v3.0.
   - Update to version 8.3.4
       * GetUserInfo: return an error if no user was found (bsc#1194873,
         CVE-2022-21673)
     + Features and enhancements:
       * Alerting: Allow configuration of non-ready alertmanagers.
       * Alerting: Allow customization of Google chat message.
       * AppPlugins: Support app plugins with only default nav.
       * InfluxDB: query editor: skip fields in metadata queries.
       * Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels
         query in grafana.
       * Prometheus: Forward oauth tokens after prometheus datasource
         migration.
     + Bug fixes:
       * Azure Monitor: Bug fix for variable interpolations in metrics
         dropdowns.
       * Azure Monitor: Improved error messages for variable queries.
       * CloudMonitoring: Fixes broken variable queries that use group bys.
       * Configuration: You can now see your expired API keys if you have no
         active ones.
       * Elasticsearch: Fix handling multiple datalinks for a single field.
       * Export: Fix error being thrown when exporting dashboards using query
         variables that reference the default datasource.
       * ImportDashboard: Fixes issue with importing dashboard and name
         ending up in uid.
       * Login: Page no longer overflows on mobile.
       * Plugins: Set backend metadata property for core plugins.
       * Prometheus: Fill missing steps with null values.
       * Prometheus: Fix interpolation of $__rate_interval variable.
       * Prometheus: Interpolate variables with curly brackets syntax.
       * Prometheus: Respect the http-method data source setting.
       * Table: Fixes issue with field config applied to wrong fields when
         hiding columns.
       * Toolkit: Fix bug with rootUrls not being properly parsed when
         signing a private plugin.
       * Variables: Fix so data source variables are added to adhoc
         configuration.
     + Plugin development fixes & changes:
       * Toolkit: Revert build config so tslib is bundled with plugins to
         prevent plugins from crashing.
   - Update to version 8.3.3:
       * BarChart: Use new data error view component to show actions in panel
         edit.
       * CloudMonitor: Iterate over pageToken for resources.
       * Macaron: Prevent WriteHeader invalid HTTP status code panic.
       * AnnoListPanel: Fix interpolation of variables in tags.
       * CloudWatch: Allow queries to have no dimensions specified.
       * CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5
         to 8.3.0.
       * CloudWatch: Make sure MatchExact flag gets the right value.
       * Dashboards: Fix so that empty folders can be deleted from the manage
         dashboards/folders page.
       * InfluxDB: Improve handling of metadata query errors in InfluxQL.
       * Loki: Fix adding of ad hoc filters for queries with parser and
         line_format expressions.
       * Prometheus: Fix running of exemplar queries for non-histogram
         metrics.
       * Prometheus: Interpolate template variables in interval.
       * StateTimeline: Fix toolitp not showing when for frames with multiple
         fields.
       * TraceView: Fix virtualized scrolling when trace view is
         opened in right pane in Explore.
       * Variables: Fix repeating panels for on time range changed variables.
       * Variables: Fix so queryparam option works for scoped
   - Update to version 8.3.2
     + Security: Fixes CVE-2021-43813 and CVE-2021-43815.
   - Update to version 8.3.1
     + Security: Fixes CVE-2021-43798.
   - Update to version 8.3.0
       * Alerting: Prevent folders from being deleted when they contain
         alerts.
       * Alerting: Show full preview value in tooltip.
       * BarGauge: Limit title width when name is really long.
       * CloudMonitoring: Avoid to escape regexps in filters.
       * CloudWatch: Add support for AWS Metric Insights.
       * TooltipPlugin: Remove other panels' shared tooltip in edit panel.
       * Visualizations: Limit y label width to 40% of visualization width.
       * Alerting: Clear alerting rule evaluation errors after intermittent
         failures.
       * Alerting: Fix refresh on legacy Alert List panel.
       * Dashboard: Fix queries for panels with non-integer widths.
       * Explore: Fix url update inconsistency.
       * Prometheus: Fix range variables interpolation for time ranges
         smaller than 1 second.
       * ValueMappings: Fixes issue with regex value mapping that only sets
         color.
   - Update to version 8.3.0-beta2
     + Breaking changes:
       * Grafana 8 Alerting enabled by default for installations that do not
         use legacy alerting.
       * Keep Last State for "If execution error or timeout" when upgrading
         to Grafana 8 alerting.
       * Alerting: Create DatasourceError alert if evaluation returns error.
       * Alerting: Make Unified Alerting enabled by default for those who do
         not use legacy alerting.
       * Alerting: Support mute timings configuration through the api for the
         embedded alert manager.
       * CloudWatch: Add missing AWS/Events metrics.
       * Docs: Add easier to find deprecation notices to certain data sources
         and to the changelog.
       * Plugins Catalog: Enable install controls based on the
         pluginAdminEnabled flag.
       * Table: Add space between values for the DefaultCell and JSONViewCell.
       * Tracing: Make query editors available in dashboard for Tempo and
         Zipkin.
       * AccessControl: Renamed orgs roles, removed fixed:orgs:reader
         introduced in beta1.
       * Azure Monitor: Add trap focus for modals in grafana/ui and
         other small a11y fixes for Azure Monitor.
       * CodeEditor: Prevent suggestions from being clipped.
       * Dashboard: Fix cache timeout persistence.
       * Datasource: Fix stable sort order of query responses.
       * Explore: Fix error in query history when removing last item.
       * Logs: Fix requesting of older logs when flipped order.
       * Prometheus: Fix running of health check query based on access mode.
       * TextPanel: Fix suggestions for existing panels.
       * Tracing: Fix incorrect indentations due to reoccurring spanIDs.
       * Tracing: Show start time of trace with milliseconds precision.
       * Variables: Make renamed or missing variable section expandable.
       * Select: Select menus now properly scroll during keyboard navigation.
   - Update to version 8.3.0-beta1
       * Alerting: Add UI for contact point testing with custom annotations
         and labels.
       * Alerting: Make alert state indicator in panel header work with
         Grafana 8 alerts.
       * Alerting: Option for Discord notifier to use webhook name.
       * Annotations: Deprecate AnnotationsSrv.
       * Auth: Omit all base64 paddings in JWT tokens for the JWT auth.
       * Azure Monitor: Clean up fields when editing Metrics.
       * AzureMonitor: Add new starter dashboards.
       * AzureMonitor: Add starter dashboard for app monitoring with
         Application Insights.
       * Barchart/Time series: Allow x axis label.
       * CLI: Improve error handling for installing plugins.
       * CloudMonitoring: Migrate to use backend plugin SDK contracts.
       * CloudWatch Logs: Add retry strategy for hitting max concurrent
         queries.
       * CloudWatch: Add AWS RoboMaker metrics and dimension.
       * CloudWatch: Add AWS Transfer metrics and dimension.
       * Dashboard: replace datasource name with a reference object.
       * Dashboards: Show logs on time series when hovering.
       * Elasticsearch: Add support for Elasticsearch 8.0 (Beta).
       * Elasticsearch: Add time zone setting to Date Histogram aggregation.
       * Elasticsearch: Enable full range log volume histogram.
       * Elasticsearch: Full range logs volume.
       * Explore: Allow changing the graph type.
       * Explore: Show ANSI colors when highlighting matched words in the
         logs panel.
       * Graph(old) panel: Listen to events from Time series panel.
       * Import: Load gcom dashboards from URL.
       * LibraryPanels: Improves export and import of library panels between
         orgs.
       * OAuth: Support PKCE.
       * Panel edit: Overrides now highlight correctly when searching.
       * PanelEdit: Display drag indicators on draggable sections.
       * Plugins: Refactor Plugin Management.
       * Prometheus: Add custom query parameters when creating PromLink url.
       * Prometheus: Remove limits on metrics, labels, and values in Metrics
         Browser.
       * StateTimeline: Share cursor with rest of the panels.
       * Tempo: Add error details when json upload fails.
       * Tempo: Add filtering for service graph query.
       * Tempo: Add links to nodes in Service Graph pointing to Prometheus
         metrics.
       * Time series/Bar chart panel: Add ability to sort series via legend.
       * TimeSeries: Allow multiple axes for the same unit.
       * TraceView: Allow span links defined on dataFrame.
       * Transformations: Support a rows mode in labels to fields.
       * ValueMappings: Don't apply field config defaults to time fields.
       * Variables: Only update panels that are impacted by variable change.
       * API: Fix dashboard quota limit for imports.
       * Alerting: Fix rule editor issues with Azure Monitor data source.
       * Azure monitor: Make sure alert rule editor is not enabled when
         template variables are being used.
       * CloudMonitoring: Fix annotation queries.
       * CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor.
       * Dashboard: Remove the current panel from the list of options in the
         Dashboard datasource.
       * Encryption: Fix decrypting secrets in alerting migration.
       * InfluxDB: Fix corner case where index is too large in ALIAS
       * NavBar: Order App plugins alphabetically.
       * NodeGraph: Fix zooming sensitivity on touchpads.
       * Plugins: Add OAuth pass-through logic to api/ds/query endpoint.
       * Snapshots: Fix panel inspector for snapshot data.
       * Tempo: Fix basic auth password reset on adding tag.
       * ValueMapping: Fixes issue with regex mappings.
       * grafana/ui: Enable slider marks display.
   - Update to version 8.2.7
   - Update to version 8.2.6
       * Security: Upgrade Docker base image to Alpine 3.14.3.
       * Security: Upgrade Go to 1.17.2.
       * TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated
         series.
   - Update to version 8.2.5
       * Fix No Data behaviour in Legacy Alerting.
       * Alerting: Fix a bug where the metric in the evaluation string was
         not correctly populated.
       * Alerting: Fix no data behaviour in Legacy Alerting for alert rules
         using the AND operator.
       * CloudMonitoring: Ignore min and max aggregation in MQL queries.
       * Dashboards: 'Copy' is no longer added to new dashboard titles.
       * DataProxy: Fix overriding response body when response is a WebSocket
         upgrade.
       * Elasticsearch: Use field configured in query editor as field for
         date_histogram aggregations.
       * Explore: Fix running queries without a datasource property set.
       * InfluxDB: Fix numeric aliases in queries.
       * Plugins: Ensure consistent plugin settings list response.
       * Tempo: Fix validation of float durations.
       * Tracing: Correct tags for each span are shown.
   - Update to version 8.2.4
     + Security: Fixes CVE-2021-41244.
   - Update to version 8.2.3
     + Security: Fixes CVE-2021-41174.
   - Update to version 8.2.2
       * Annotations: We have improved tag search performance.
       * Application: You can now configure an error-template title.
       * AzureMonitor: We removed a restriction from the resource filter
         query.
       * Packaging: We removed the ProcSubset option in systemd. This
         option prevented Grafana from starting in LXC environments.
       * Prometheus: We removed the autocomplete limit for metrics.
       * Table: We improved the styling of the type icons to make them more
         distinct from column / field name.
       * ValueMappings: You can now use value mapping in stat, gauge, bar
         gauge, and pie chart visualizations.
       * Alerting: Fix panic when Slack's API sends unexpected response.
       * Alerting: The Create Alert button now appears on the dashboard panel
         when you are working with a default datasource.
       * Explore: We fixed the problem where the Explore log panel disappears
         when an Elasticsearch logs query returns no results.
       * Graph: You can now see annotation descriptions on hover.
       * Logs: The system now uses the JSON parser only if the line is parsed
         to an object.
       * Prometheus: We fixed the issue where the system did not reuse TCP
         connections when querying from Grafana alerting.
       * Prometheus: We fixed the problem that resulted in an error when a
         user created a query with a $__interval min step.
       * RowsToFields: We fixed the issue where the system was not properly
         interpreting number values.
       * Scale: We fixed how the system handles NaN percent when data min =
         data max.
       * Table panel: You can now create a filter that includes special
         characters.
   - Update to version 8.2.1
       * Dashboard: Fix rendering of repeating panels.
       * Datasources: Fix deletion of data source if plugin is not found.
       * Packaging: Remove systemcallfilters sections from systemd unit files.
       * Prometheus: Add Headers to HTTP client options.
   - Update to version 8.2.0
       * AWS: Updated AWS authentication documentation.
       * Alerting: Added support Alertmanager data source for upstream
         Prometheus AM implementation.
       * Alerting: Allows more characters in label names so notifications are
         sent.
       * Alerting: Get alert rules for a dashboard or a panel using
         /api/v1/rules endpoints.
       * Annotations: Improved rendering performance of event markers.
       * CloudWatch Logs: Skip caching for log queries.
       * Explore: Added an opt-in configuration for Node Graph in Jaeger,
         Zipkin, and Tempo.
       * Packaging: Add stricter systemd unit options.
       * Prometheus: Metrics browser can now handle label values with
       * CodeEditor: Ensure that we trigger the latest onSave callback
         provided to the component.
       * DashboardList/AlertList: Fix for missing All folder value.
       * Plugins: Create a mock icon component to prevent console errors.
   - Update to version 8.2.0-beta2
       * AccessControl: Document new permissions restricting data source
         access.
       * TimePicker: Add fiscal years and search to time picker.
       * Alerting: Added support for Unified Alerting with Grafana HA.
       * Alerting: Added support for tune rule evaluation using configuration
         options.
       * Alerting: Cleanups alertmanager namespace from key-value store when
         disabling Grafana 8 alerts.
       * Alerting: Remove ngalert feature toggle and introduce two new
         settings for enabling Grafana 8 alerts and disabling them for
         specific organisations.
       * CloudWatch: Introduced new math expression where it is necessary to
         specify the period field.
       * InfluxDB: Added support for $__interval and $__interval_ms in Flux
         queries for alerting.
       * InfluxDB: Flux queries can use more precise start and end timestamps
         with nanosecond-precision.
       * Plugins Catalog: Make the catalog the default way to interact with
         plugins.
       * Prometheus: Removed autocomplete limit for metrics.
       * Alerting: Fixed an issue where the edit page crashes if you tried to
         preview an alert without a condition set.
       * Alerting: Fixed rules migration to keep existing Grafana 8 alert
         rules.
       * Alerting: Fixed the silence file content generated during
       * Analytics: Fixed an issue related to interaction event propagation
         in Azure Application Insights.
       * BarGauge: Fixed an issue where the cell color was lit even though
         there was no data.
       * BarGauge: Improved handling of streaming data.
       * CloudMonitoring: Fixed INT64 label unmarshal error.
       * ConfirmModal: Fixes confirm button focus on modal open.
       * Dashboard: Add option to generate short URL for variables with
         values containing spaces.
       * Explore: No longer hides errors containing refId property.
       * Fixed an issue that produced State timeline panel tooltip error when
         data was not in sync.
       * InfluxDB: InfluxQL query editor is set to always use resultFormat.
       * Loki: Fixed creating context query for logs with parsed labels.
       * PageToolbar: Fixed alignment of titles.
       * Plugins Catalog: Update to the list of available panels after an
         install, update or uninstall.
       * TimeSeries: Fixed an issue where the shared cursor was not showing
         when hovering over in old Graph panel.
       * Variables: Fixed issues related to change of focus or refresh pages
         when pressing enter in a text box variable input.
       * Variables: Panel no longer crash when using the adhoc variable in
         data links.
   - Update to version 8.2.0-beta1
       * AccessControl: Introduce new permissions to restrict access for
         reloading provisioning configuration.
       * Alerting: Add UI to edit Cortex/Loki namespace, group names, and
         group evaluation interval.
       * Alerting: Add a Test button to test contact point.
       * Alerting: Allow creating/editing recording rules for Loki and Cortex.
       * Alerting: Metrics should have the label org instead of user.
       * Alerting: Sort notification channels by name to make them easier to
         locate.
       * Alerting: Support org level isolation of notification
       * AzureMonitor: Add data links to deep link to Azure Portal Azure
         Resource Graph.
       * AzureMonitor: Add support for annotations from Azure Monitor Metrics
         and Azure Resource Graph services.
       * AzureMonitor: Show error message when subscriptions request fails in
         ConfigEditor.
       * Chore: Update to Golang 1.16.7.
       * CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs.
       * CloudWatch Logs: Disable query path using websockets (Live) feature.
       * CloudWatch/Logs: Don't group dataframes for non time series
       * Cloudwatch: Migrate queries that use multiple stats to one query per
         stat.
       * Dashboard: Keep live timeseries moving left (v2).
       * Datasources: Introduce response_limit for datasource responses.
       * Explore: Add filter by trace or span ID to trace to logs
       * Explore: Download traces as JSON in Explore Inspector.
       * Explore: Reuse Dashboard's QueryRows component.
       * Explore: Support custom display label for derived fields buttons for
         Loki datasource.
       * Grafana UI: Update monaco-related dependencies.
       * Graphite: Deprecate browser access mode.
       * InfluxDB: Improve handling of intervals in alerting.
       * InfluxDB: InfluxQL query editor: Handle unusual characters in tag
         values better.
       * Jaeger: Add ability to upload JSON file for trace data.
       * LibraryElements: Enable specifying UID for new and existing library
         elements.
       * LibraryPanels: Remove library panel icon from the panel header so
         you can no longer tell that a panel is a library panel from the
         dashboard view.
       * Logs panel: Scroll to the bottom on page refresh when sorting in
         ascending order.
       * Loki: Add fuzzy search to label browser.
       * Navigation: Implement active state for items in the Sidemenu.
       * Packaging: Update PID file location from /var/run to /run.
       * Plugins: Add Hide OAuth Forward config option.
       * Postgres/MySQL/MSSQL: Add setting to limit the maximum number
         of rows processed.
       * Prometheus: Add browser access mode deprecation warning.
       * Prometheus: Add interpolation for built-in-time variables to backend.
       * Tempo: Add ability to upload trace data in JSON format.
       * TimeSeries/XYChart: Allow grid lines visibility control in XYChart
         and TimeSeries panels.
       * Transformations: Convert field types to time string number or
         boolean.
       * Value mappings: Add regular-expression based value mapping.
       * Zipkin: Add ability to upload trace JSON.
       * Admin: Prevent user from deleting user's current/active
         organization.
       * LibraryPanels: Fix library panel getting saved in the dashboard's
         folder.
       * OAuth: Make generic teams URL and JMES path configurable.
       * QueryEditor: Fix broken copy-paste for mouse middle-click
       * Thresholds: Fix undefined color in "Add threshold".
       * Timeseries: Add wide-to-long, and fix multi-frame output.
       * TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set
         to All.
       * Grafana UI: Fix TS error property css is missing in type.
   - Update to version 8.1.8
   - Update to version 8.1.7
       * Alerting: Fix alerts with evaluation interval more than 30 seconds
         resolving before notification.
       * Elasticsearch/Prometheus: Fix usage of proper SigV4 service
         namespace.
   - Update to version 8.1.6
     + Security: Fixes CVE-2021-39226.
   - Update to version 8.1.5
       * BarChart: Fixes panel error that happens on second refresh.
   - Update to version 8.1.4
     + Features and enhancements
       * Explore: Ensure logs volume bar colors match legend colors.
       * LDAP: Search all DNs for users.
       * Alerting: Fix notification channel migration.
       * Annotations: Fix blank panels for queries with unknown data sources.
       * BarChart: Fix stale values and x axis labels.
       * Graph: Make old graph panel thresholds work even if ngalert is
         enabled.
       * InfluxDB: Fix regex to identify / as separator.
       * LibraryPanels: Fix update issues related to library panels in rows.
       * Variables: Fix variables not updating inside a Panel when the
         preceding Row uses "Repeat For".
   - Update to version 8.1.3
     + Bug fixes
       * Alerting: Fix alert flapping in the internal alertmanager.
       * Alerting: Fix request handler failed to convert dataframe "results"
         to plugins.DataTimeSeriesSlice: input frame is not recognized as a
         time series.
       * Dashboard: Fix UIDs are not preserved when importing/creating
         dashboards thru importing .json file.
       * Dashboard: Forces panel re-render when exiting panel edit.
       * Dashboard: Prevent folder from changing when navigating to general
         settings.
       * Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix
         CVE-2021-3711.
       * Elasticsearch: Fix metric names for alert queries.
       * Elasticsearch: Limit Histogram field parameter to numeric values.
       * Elasticsearch: Prevent pipeline aggregations to show up in terms
         order by options.
       * LibraryPanels: Prevent duplicate repeated panels from being created.
       * Loki: Fix ad-hoc filter in dashboard when used with parser.
       * Plugins: Track signed files + add warn log for plugin assets which
         are not signed.
       * Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly.
       * Prometheus: Fix validate selector in metrics browser.
       * Security: Fix stylesheet injection vulnerability.
       * Security: Fix short URL vulnerability.
   - Update to version 8.1.2
       * AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers.
       * Datasource: Change HTTP status code for failed datasource health
         check to 400.
       * Explore: Add span duration to left panel in trace viewer.
       * Plugins: Use file extension allowlist when serving plugin assets
         instead of checking for UNIX executable.
       * Profiling: Add support for binding pprof server to custom network
         interfaces.
       * Search: Make search icon keyboard navigable.
       * Template variables: Keyboard navigation improvements.
       * Tooltip: Display ms within minute time range.
       * Alerting: Fix saving LINE contact point.
       * Annotations: Fix alerting annotation coloring.
       * Annotations: Alert annotations are now visible in the correct Panel.
       * Auth: Hide SigV4 config UI and disable middleware when its config
         flag is disabled.
       * Dashboard: Prevent incorrect panel layout by comparing window width
         against theme breakpoints.
       * Explore: Fix showing of full log context.
       * PanelEdit: Fix 'Actual' size by passing the correct panel size to
         Dashboard.
       * Plugins: Fix TLS datasource settings.
       * Variables: Fix issue with empty drop downs on navigation.
       * Variables: Fix URL util converting false into true.
       * Toolkit: Fix matchMedia not found error.
   - Update to version 8.1.1
       * CloudWatch Logs: Fix crash when no region is selected.
   - Update to version 8.1.0
       * Alerting: Deduplicate receivers during migration.
       * ColorPicker: Display colors as RGBA.
       * Select: Make portalling the menu opt-in, but opt-in everywhere.
       * TimeRangePicker: Improve accessibility.
       * Annotations: Correct annotations that are displayed upon page
         refresh.
       * Annotations: Fix Enabled button that disappeared from Grafana v8.0.6.
       * Annotations: Fix data source template variable that was not
         available for annotations.
       * AzureMonitor: Fix annotations query editor that does not load.
       * Geomap: Fix scale calculations.
       * GraphNG: Fix y-axis autosizing.
       * Live: Display stream rate and fix duplicate channels in list
       * Loki: Update labels in log browser when time range changes in
         dashboard.
       * NGAlert: Send resolve signal to alertmanager on alerting -> Normal.
       * PasswordField: Prevent a password from being displayed when you
         click the Enter button.
       * Renderer: Remove debug.log file when Grafana is stopped.
       * Security: Update dependencies to fix CVE-2021-36222.
   - Update to version 8.1.0-beta3
       * Alerting: Support label matcher syntax in alert rule list filter.
       * IconButton: Put tooltip text as aria-label.
       * Live: Experimental HA with Redis.
       * UI: FileDropzone component.
       * CloudWatch: Add AWS LookoutMetrics.
       * Docker: Fix builds by delaying go mod verify until all required
         files are copied over.
       * Exemplars: Fix disable exemplars only on the query that failed.
       * SQL: Fix SQL dataframe resampling (fill mode + time intervals).
   - Update to version 8.1.0-beta2
       * Alerting: Expand the value string in alert annotations and
       * Auth: Add Azure HTTP authentication middleware.
       * Auth: Auth: Pass user role when using the authentication proxy.
       * Gazetteer: Update countries.json file to allow for linking to
         3-letter country codes.
       * Config: Fix Docker builds by correcting formatting in sample.ini.
       * Explore: Fix encoding of internal URLs.
   - Update to version 8.1.0-beta1
       * Alerting: Add Alertmanager notifications tab.
       * Alerting: Add button to deactivate current Alertmanager
       * Alerting: Add toggle in Loki/Prometheus data source configuration to
         opt out of alerting UI.
       * Alerting: Allow any "evaluate for" value >=0 in the alert rule form.
       * Alerting: Load default configuration from status endpoint, if Cortex
         Alertmanager returns empty user configuration.
       * Alerting: view to display alert rule and its underlying data.
       * Annotation panel: Release the annotation panel.
       * Annotations: Add typeahead support for tags in built-in annotations.
       * AzureMonitor: Add curated dashboards for Azure services.
       * AzureMonitor: Add support for deep links to Microsoft Azure portal
         for Metrics.
       * AzureMonitor: Remove support for different credentials for Azure
         Monitor Logs.
       * AzureMonitor: Support querying any Resource for Logs queries.
       * Elasticsearch: Add frozen indices search support.
       * Elasticsearch: Name fields after template variables values instead
         of their name.
       * Elasticsearch: add rate aggregation.
       * Email: Allow configuration of content types for email notifications.
       * Explore: Add more meta information when line limit is hit.
       * Explore: UI improvements to trace view.
       * FieldOverrides: Added support to change display name in an
         override field and have it be matched by a later rule.
       * HTTP Client: Introduce dataproxy_max_idle_connections config
         variable.
       * InfluxDB: InfluxQL: adds tags to timeseries data.
       * InfluxDB: InfluxQL: make measurement search case insensitive. Legacy
         Alerting: Replace simplejson with a struct in webhook notification
         channel.
       * Legend: Updates display name for Last (not null) to just Last*.
       * Logs panel: Add option to show common labels.
       * Loki: Add $__range variable.
       * Loki: Add support for "label_values(log stream selector, label)" in
         templating.
       * Loki: Add support for ad-hoc filtering in dashboard.
       * MySQL Datasource: Add timezone parameter.
       * NodeGraph: Show gradient fields in legend.
       * PanelOptions: Don't mutate panel options/field config object when
         updating.
       * PieChart: Make pie gradient more subtle to match other charts.
       * Prometheus: Update PromQL typeahead and highlighting.
       * Prometheus: interpolate variable for step field.
       * Provisioning: Improve validation by validating across all dashboard
         providers.
       * SQL Datasources: Allow multiple string/labels columns with time
         series.
       * Select: Portal select menu to document.body.
       * Team Sync: Add group mapping to support team sync in the Generic
         OAuth provider.
       * Tooltip: Make active series more noticeable.
       * Tracing: Add support to configure trace to logs start and end time.
       * Transformations: Skip merge when there is only a single data frame.
       * ValueMapping: Added support for mapping text to color, boolean
         values, NaN and Null. Improved UI for value mapping.
       * Visualizations: Dynamically set any config (min, max, unit, color,
         thresholds) from query results.
       * live: Add support to handle origin without a value for the port when
         matching with root_url.
       * Alerting: Handle marshaling Inf values.
       * AzureMonitor: Fix macro resolution for template variables.
       * AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes
         resources.
       * AzureMonitor: Request and concat subsequent resource pages.
       * Bug: Fix parse duration for day.
       * Datasources: Improve error handling for error messages.
       * Explore: Correct the functionality of shift-enter shortcut across
         all uses.
       * Explore: Show all dataFrames in data tab in Inspector.
       * GraphNG: Fix Tooltip mode 'All' for XYChart.
       * Loki: Fix highlight of logs when using filter expressions with
         backticks.
       * Modal: Force modal content to overflow with scroll.
       * Plugins: Ignore symlinked folders when verifying plugin signature.
       * Toolkit: Improve error messages when tasks fail.
   - Update to version 8.0.7
   - Update to version 8.0.6
       * Alerting: Add annotation upon alert state change.
       * Alerting: Allow space in label and annotation names.
       * InfluxDB: Improve legend labels for InfluxDB query results.
       * Alerting: Fix improper alert by changing the handling of empty
         labels.
       * CloudWatch/Logs: Reestablish Cloud Watch alert behavior.
       * Dashboard: Avoid migration breaking on fieldConfig without defaults
         field in folded panel.
       * DashboardList: Fix issue not re-fetching dashboard list after
         variable change.
       * Database: Fix incorrect format of isolation level configuration
         parameter for MySQL.
       * InfluxDB: Correct tag filtering on InfluxDB data.
       * Links: Fix links that caused a full page reload.
       * Live: Fix HTTP error when InfluxDB metrics have an incomplete
         or asymmetrical field set.
       * Postgres/MySQL/MSSQL: Change time field to "Time" for time series
         queries.
       * Postgres: Fix the handling of a null return value in query
       * Tempo: Show hex strings instead of uints for IDs.
       * TimeSeries: Improve tooltip positioning when tooltip
         overflows.
       * Transformations: Add 'prepare time series' transformer.
   - Update to version 8.0.5
       * Cloudwatch Logs: Send error down to client.
       * Folders: Return 409 Conflict status when folder already exists.
       * TimeSeries: Do not show series in tooltip if it's hidden in the viz.
       * AzureMonitor: Fix issue where resource group name is missing
         on the resource picker button.
       * Chore: Fix AWS auth assuming role with workspace IAM.
       * DashboardQueryRunner: Fixes unrestrained subscriptions being
       * DateFormats: Fix reading correct setting key for use_browser_locale.
       * Links: Fix links to other apps outside Grafana when under sub path.
       * Snapshots: Fix snapshot absolute time range issue.
       * Table: Fix data link color.
       * Time Series: Fix X-axis time format when tick increment is larger
         than a year.
       * Tooltip Plugin: Prevent tooltip render if field is undefined.
   - Update to version 8.0.4
       * Live: Rely on app url for origin check.
       * PieChart: Sort legend descending, update placeholder.
       * TimeSeries panel: Do not reinitialize plot when thresholds mode
         change.
       * Elasticsearch: Allow case sensitive custom options in date_histogram
         interval.
       * Elasticsearch: Restore previous field naming strategy when using
         variables.
       * Explore: Fix import of queries between SQL data sources.
       * InfluxDB: InfluxQL query editor: fix retention policy handling.
       * Loki: Send correct time range in template variable queries.
       * TimeSeries: Preserve RegExp series overrides when migrating from old
         graph panel.
   - Update to version 8.0.3
       * Alerting: Increase alertmanager_conf column if MySQL.
       * Time series/Bar chart panel: Handle infinite numbers as nulls when
         converting to plot array.
       * TimeSeries: Ensure series overrides that contain color are migrated,
         and migrate the previous fieldConfig when changing the panel type.
       * ValueMappings: Improve singlestat value mappings migration.
       * Annotations: Fix annotation line and marker colors.
       * AzureMonitor: Fix KQL template variable queries without default
         workspace.
       * CloudWatch/Logs: Fix missing response data for log queries.
       * LibraryPanels: Fix crash in library panels list when panel plugin is
         not found.
       * LogsPanel: Fix performance drop when moving logs panel in
       * Loki: Parse log levels when ANSI coloring is enabled.
       * MSSQL: Fix issue with hidden queries still being executed.
       * PanelEdit: Display the VisualizationPicker that was not displayed if
         a panel has an unknown panel plugin.
       * Plugins: Fix loading symbolically linked plugins.
       * Prometheus: Fix issue where legend name was replaced with name Value
         in stat and gauge panels.
       * State Timeline: Fix crash when hovering over panel.
   - Update to version 8.0.2
       * Datasource: Add support for max_conns_per_host in dataproxy settings.
       * Configuration: Fix changing org preferences in FireFox.
       * PieChart: Fix legend dimension limits.
       * Postgres/MySQL/MSSQL: Fix panic in concurrent map writes.
       * Variables: Hide default data source if missing from regex.
   - Update to version 8.0.1
       * Alerting/SSE: Fix "count_non_null" reducer validation.
       * Cloudwatch: Fix duplicated time series.
       * Cloudwatch: Fix missing defaultRegion.
       * Dashboard: Fix Dashboard init failed error on dashboards with
         old singlestat panels in collapsed rows.
       * Datasource: Fix storing timeout option as numeric.
       * Postgres/MySQL/MSSQL: Fix annotation parsing for empty
       * Postgres/MySQL/MSSQL: Numeric/non-string values are now returned
         from query variables.
       * Postgres: Fix an error that was thrown when the annotation query did
         not return any results.
       * StatPanel: Fix an issue with the appearance of the graph when
         switching color mode.
       * Visualizations: Fix an issue in the Stat/BarGauge/Gauge/PieChart
         panels where all values mode were showing the same name if they had
         the same value.
       * Toolkit: Resolve external fonts when Grafana is served from a sub
         path.
   - Update to version 8.0.0
       * The following endpoints were deprecated for Grafana v5.0 and support
         for them has now been removed: GET /dashboards/db/:slug GET
         /dashboard-solo/db/:slug GET /api/dashboard/db/:slug DELETE
         /api/dashboards/db/:slug
       * AzureMonitor: Require default subscription for workspaces() template
         variable query.
       * AzureMonitor: Use resource type display names in the UI.
       * Dashboard: Remove support for loading and deleting dashboard by slug.
       * InfluxDB: Deprecate direct browser access in data source.
       * VizLegend: Add a read-only property.
       * AzureMonitor: Fix Azure Resource Graph queries in Azure China.
       * Checkbox: Fix vertical layout issue with checkboxes due to fixed
         height.
       * Dashboard: Fix Table view when editing causes the panel data to not
         update.
       * Dashboard: Fix issues where unsaved-changes warning is not displayed.
       * Login: Fixes Unauthorized message showing when on login page
         or snapshot page.
       * NodeGraph: Fix sorting markers in grid view.
       * Short URL: Include orgId in generated short URLs.
       * Variables: Support raw values of boolean type.
   - Update to version 8.0.0-beta3
       * The default HTTP method for Prometheus data source is now POST.
       * API: Support folder UID in dashboards API.
       * Alerting: Add support for configuring avatar URL for the Discord
         notifier.
       * Alerting: Clarify that Threema Gateway Alerts support only Basic IDs.
       * Azure: Expose Azure settings to external plugins.
       * AzureMonitor: Deprecate using separate credentials for Azure Monitor
         Logs.
       * AzureMonitor: Display variables in resource picker for Azure
       * AzureMonitor: Hide application insights for data sources not using
         it.
       * AzureMonitor: Support querying subscriptions and resource groups in
         Azure Monitor Logs.
       * AzureMonitor: remove requirement for default subscription.
       * CloudWatch: Add Lambda at Edge Amazon CloudFront metrics.
       * CloudWatch: Add missing AWS AppSync metrics.
       * ConfirmModal: Auto focus delete button.
       * Explore: Add caching for queries that are run from logs
       * Loki: Add formatting for annotations.
       * Loki: Bring back processed bytes as meta information.
       * NodeGraph: Display node graph collapsed by default with trace view.
       * Overrides: Include a manual override option to hide something from
         visualization.
       * PieChart: Support row data in pie charts.
       * Prometheus: Update default HTTP method to POST for existing data
         sources.
       * Time series panel: Position tooltip correctly when window is
         scrolled or resized.
       * Admin: Fix infinite loading edit on the profile page.
       * Color: Fix issues with random colors in string and date
       * Dashboard: Fix issue with title or folder change has no effect after
         exiting settings view.
       * DataLinks: Fix an issue __series.name is not working in data link.
       * Datasource: Fix dataproxy timeout should always be applied for
         outgoing data source HTTP requests.
       * Elasticsearch: Fix NewClient not passing httpClientProvider to
         client impl.
       * Explore: Fix Browser title not updated on Navigation to Explore.
       * GraphNG: Remove fieldName and hideInLegend properties from
         UPlotSeriesBuilder.
       * OAuth: Fix fallback to auto_assign_org_role setting for Azure AD
         OAuth when no role claims exists.
       * PanelChrome: Fix issue with empty panel after adding a non data
         panel and coming back from panel edit.
       * StatPanel: Fix data link tooltip not showing for single value.
       * Table: Fix sorting for number fields.
       * Table: Have text underline for datalink, and add support for image
         datalink.
       * Transformations: Prevent FilterByValue transform from crashing panel
         edit.
   - Update to version 8.0.0-beta2
       * AppPlugins: Expose react-router to apps.
       * AzureMonitor: Add Azure Resource Graph.
       * AzureMonitor: Managed Identity configuration UI.
       * AzureMonitor: Token provider with support for Managed Identities.
       * AzureMonitor: Update Logs workspace() template variable query to
         return resource URIs.
       * BarChart: Value label sizing.
       * CloudMonitoring: Add support for preprocessing.
       * CloudWatch: Add AWS/EFS StorageBytes metric.
       * CloudWatch: Allow use of missing AWS namespaces using custom
       * Datasource: Shared HTTP client provider for core backend data
         sources and any data source using the data source proxy.
       * InfluxDB: InfluxQL: allow empty tag values in the query editor.
       * Instrumentation: Instrument incoming HTTP request with histograms by
         default.
       * Library Panels: Add name endpoint & unique name validation to
         AddLibraryPanelModal.
       * Logs panel: Support details view.
       * PieChart: Always show the calculation options dropdown in the
       * PieChart: Remove beta flag.
       * Plugins: Enforce signing for all plugins.
       * Plugins: Remove support for deprecated backend plugin protocol
         version.
       * Tempo/Jaeger: Add better display name to legend.
       * Timeline: Add time range zoom.
       * Timeline: Adds opacity & line width option.
       * Timeline: Value text alignment option.
       * ValueMappings: Add duplicate action, and disable dismiss on backdrop
         click.
       * Zipkin: Add node graph view to trace response.
       * Annotations panel: Remove subpath from dashboard links.
       * Content Security Policy: Allow all image sources by default.
       * Content Security Policy: Relax default template wrt. loading
         of scripts, due to nonces not working.
       * Datasource: Fix tracing propagation for alert execution by
         introducing HTTP client outgoing tracing middleware.
       * InfluxDB: InfluxQL always apply time interval end.
       * Library Panels: Fixes "error while loading library panels".
       * NewsPanel: Fixes rendering issue in Safari.
       * PanelChrome: Fix queries being issued again when scrolling in and
         out of view.
       * Plugins: Fix Azure token provider cache panic and auth param nil
         value.
       * Snapshots: Fix key and deleteKey being ignored when creating an
         external snapshot.
       * Table: Fix issue with cell border not showing with colored
         background cells.
       * Table: Makes tooltip scrollable for long JSON values.
       * TimeSeries: Fix for Connected null values threshold toggle during
         panel editing.
       * Variables: Fixes inconsistent selected states on dashboard
       * Variables: Refreshes all panels even if panel is full screen.
       * QueryField: Remove carriage return character from pasted text.
   - Update to version 8.0.0-beta1
     + License update:
       * AGPL License: Update license from Apache 2.0 to the GNU Affero
         General Public License (AGPL).
       * Removes the never refresh option for Query variables.
       * Removes the experimental Tags feature for Variables.
     + Deprecations:
       * The InfoBox & FeatureInfoBox are now deprecated please use the Alert
         component instead with severity info.
       * API: Add org users with pagination.
       * API: Return 404 when deleting nonexistent API key.
       * API: Return query results as JSON rather than base64 encoded Arrow.
       * Alerting: Allow sending notification tags to Opsgenie as extra
         properties.
       * Alerts: Replaces all uses of InfoBox & FeatureInfoBox with Alert.
       * Auth: Add support for JWT Authentication.
       * AzureMonitor: Add support for Microsoft.SignalRService/SignalR
         metrics.
       * AzureMonitor: Azure settings in Grafana server config.
       * AzureMonitor: Migrate Metrics query editor to React.
       * BarChart panel: enable series toggling via legend.
       * BarChart panel: Adds support for Tooltip in BarChartPanel.
       * PieChart panel: Change look of highlighted pie slices.
       * CloudMonitoring: Migrate config editor from angular to react.
       * CloudWatch: Add Amplify Console metrics and dimensions.
       * CloudWatch: Add missing Redshift metrics to CloudWatch data
       * CloudWatch: Add metrics for managed RabbitMQ service.
       * DashboardList: Enable templating on search tag input.
       * Datasource config: correctly remove single custom http header.
       * Elasticsearch: Add generic support for template variables.
       * Elasticsearch: Allow omitting field when metric supports inline
         script.
       * Elasticsearch: Allow setting a custom limit for log queries.
       * Elasticsearch: Guess field type from first non-empty value.
       * Elasticsearch: Use application/x-ndjson content type for multisearch
         requests.
       * Elasticsearch: Use semver strings to identify ES version.
       * Explore: Add logs navigation to request more logs.
       * Explore: Map Graphite queries to Loki.
       * Explore: Scroll split panes in Explore independently.
       * Explore: Wrap each panel in separate error boundary.
       * FieldDisplay: Smarter naming of stat values when visualising row
         values (all values) in stat panels.
       * Graphite: Expand metric names for variables.
       * Graphite: Handle unknown Graphite functions without breaking the
         visual editor.
       * Graphite: Show graphite functions descriptions.
       * Graphite: Support request cancellation properly (Uses new
         backendSrv.fetch Observable request API).
       * InfluxDB: Flux: Improve handling of complex response-structures.
       * InfluxDB: Support region annotations.
       * Inspector: Download logs for manual processing.
       * Jaeger: Add node graph view for trace.
       * Jaeger: Search traces.
       * Loki: Use data source settings for alerting queries.
       * NodeGraph: Exploration mode.
       * OAuth: Add support for empty scopes.
       * PanelChrome: New logic-less emotion based component with no
         dependency on PanelModel or DashboardModel.
       * PanelEdit: Adds a table view toggle to quickly view data in table
         form.
       * PanelEdit: Highlight matched words when searching options.
       * PanelEdit: UX improvements.
       * Plugins: PanelRenderer and simplified QueryRunner to be used from
         plugins.
       * Plugins: AuthType in route configuration and params interpolation.
       * Plugins: Enable plugin runtime install/uninstall capabilities.
       * Plugins: Support set body content in plugin routes.
       * Plugins: Introduce marketplace app.
       * Plugins: Moving the DataSourcePicker to grafana/runtime so it can be
         reused in plugins.
       * Prometheus: Add custom query params for alert and exemplars
       * Prometheus: Use fuzzy string matching to autocomplete metric names
         and label.
       * Routing: Replace Angular routing with react-router.
       * Slack: Use chat.postMessage API by default.
       * Tempo: Search for Traces by querying Loki directly from Tempo.
       * Tempo: Show graph view of the trace.
       * Themes: Switch theme without reload using global shortcut.
       * TimeSeries panel: Add support for shared cursor.
       * TimeSeries panel: Do not crash the panel if there is no time series
         data in the response.
       * Variables: Do not save repeated panels, rows and scopedVars.
       * Variables: Removes experimental Tags feature.
       * Variables: Removes the never refresh option.
       * Visualizations: Unify tooltip options across visualizations.
       * Visualizations: Refactor and unify option creation between new
         visualizations.
       * Visualizations: Remove singlestat panel.
       * APIKeys: Fixes issue with adding first api key.
       * Alerting: Add checks for non supported units - disable defaulting to
         seconds.
       * Alerting: Fix issue where Slack notifications won't link to user IDs.
       * Alerting: Omit empty message in PagerDuty notifier.
       * AzureMonitor: Fix migration error from older versions of App
         Insights queries.
       * CloudWatch: Fix AWS/Connect dimensions.
       * CloudWatch: Fix broken AWS/MediaTailor dimension name.
       * Dashboards: Allow string manipulation as advanced variable format
         option.
       * DataLinks: Includes harmless extended characters like Cyrillic
         characters.
       * Drawer: Fixes title overflowing its container.
       * Explore: Fix issue when some query errors were not shown.
       * Generic OAuth: Prevent adding duplicated users.
       * Graphite: Handle invalid annotations.
       * Graphite: Fix autocomplete when tags are not available.
       * InfluxDB: Fix Cannot read property 'length' of undefined in when
         parsing response.
       * Instrumentation: Enable tracing when Jaeger host and port are
       * Instrumentation: Prefix metrics with grafana.
       * MSSQL: By default let driver choose port.
       * OAuth: Add optional strict parsing of role_attribute_path.
       * Panel: Fixes description markdown with inline code being rendered on
         newlines and full width.
       * PanelChrome: Ignore data updates & errors for non data panels.
       * Permissions: Fix inherited folder permissions can prevent new
         permissions being added to a dashboard.
       * Plugins: Remove pre-existing plugin installs when installing with
         grafana-cli.
       * Plugins: Support installing to folders with whitespace and fix
         pluginUrl trailing and leading whitespace failures.
       * Postgres/MySQL/MSSQL: Don't return connection failure details to the
         client.
       * Postgres: Fix ms precision of interval in time group macro when
         TimescaleDB is enabled.
       * Provisioning: Use dashboard checksum field as change indicator.
       * SQL: Fix so that all captured errors are returned from sql engine.
       * Shortcuts: Fixes panel shortcuts so they always work.
       * Table: Fixes so border is visible for cells with links.
       * Variables: Clear query when data source type changes.
       * Variables: Filters out builtin variables from unknown list.
       * Button: Introduce buttonStyle prop.
       * DataQueryRequest: Remove deprecated props showingGraph and
         showingTabel and exploreMode.
       * grafana/ui: Update React Hook Form to v7.
       * IconButton: Introduce variant for red and blue icon buttons.
       * Plugins: Expose the getTimeZone function to be able to get the
         current selected timeZone.
       * TagsInput: Add className to TagsInput.
       * VizLegend: Move onSeriesColorChanged to PanelContext (breaking
         change).
   - Update to version 7.5.13
       * Alerting: Fix NoDataFound for alert rules using AND operator.

   mgr-cfg:

   - Version 4.3.6-1
     * Corrected source URL in spec file
     * Fix installation problem for SLE15SP4 due missing python-selinux
     * Fix python selinux package name depending on build target (bsc#1193600)
     * Do not build python 2 package for SLE15SP4 and higher
     * Remove unused legacy code

   mgr-custom-info:

   - Version 4.3.3-1
     * Remove unused legacy code

   mgr-daemon:

   - Version 4.3.4-1
     * Corrected source URLs in spec file
     * Update translation strings

   mgr-osad:

   - Version 4.3.6-1
     * Corrected source URL in spec file.
     * Do not build python 2 package for SLE15SP4 and higher
     * Removed spacewalk-selinux dependencies.
     * Updated source url.

   mgr-push:

   - Version 4.3.4-1
     * Corrected source URLs in spec file

   mgr-virtualization:

   - Version 4.3.5-1
     * Corrected source URLs in spec file.
     * Do not build python 2 package for SLE15SP4 and higher

   prometheus-blackbox_exporter:

   - Enhanced to build on Enterprise Linux 8

   prometheus-postgres_exporter:

   - Updated for RHEL8.

   python-hwdata:

   - Require python macros for building

   rhnlib:

   - Version 4.3.4-1
     * Reorganize python files

   spacecmd:

   - Version 4.3.11-1
     * on full system update call schedulePackageUpdate API (bsc#1197507)
     * parse boolean paramaters correctly (bsc#1197689)
     * Add parameter to set containerized proxy SSH port
     * Add proxy config generation subcommand
     * Option 'org_createfirst' added to perform initial organization and
       user creation
     * Added gettext build requirement for RHEL.
     * Removed RHEL 5 references.
     * Include group formulas configuration in spacecmd group_backup and
       spacecmd group_restore. This changes backup format to json, previously
       used plain text is still supported for reading (bsc#1190462)
     * Update translation strings
     * Improved event history listing and added new system_eventdetails
       command to retrieve the details of an event
     * Make schedule_deletearchived to get all actions without display limit
     * Allow passing a date limit for schedule_deletearchived on spacecmd
       (bsc#1181223)

   spacewalk-client-tools:

   - Version 4.3.9-1
     * Corrected source URLs in spec file.
     * do not build python 2 package for SLE15
     * Remove unused legacy code
     * Update translation strings

   spacewalk-koan:

   - Version 4.3.5-1
     * Corrected source URLs in spec file.

   spacewalk-oscap:

   - Version 4.3.5-1
     * Corrected source URLs in spec file.
     * Do not build python 2 package for SLE15SP4 and higher

   spacewalk-remote-utils:

   - Version 4.3.3-1
     * Adapt the package for changes in rhnlib

   supportutils-plugin-susemanager-client:

   - Version 4.3.2-1
     * Add proxy containers config and logs

   suseRegisterInfo:

   - Version 4.3.3-1
     * Bump version to 4.3.0

   supportutils-plugin-salt:

   - Add support for Salt Bundle

   uyuni-common-libs:

   - Version 4.3.4-1
     * implement more decompression algorithms for reposync (bsc#1196704)
     * Reorganize python files
     * Add decompression of zck files to fileutils


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 9:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-2134=1

   - SUSE OpenStack Cloud Crowbar 8:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-2134=1

   - SUSE OpenStack Cloud 9:

      zypper in -t patch SUSE-OpenStack-Cloud-9-2022-2134=1

   - SUSE OpenStack Cloud 8:

      zypper in -t patch SUSE-OpenStack-Cloud-8-2022-2134=1

   - SUSE Manager Tools 12:

      zypper in -t patch SUSE-SLE-Manager-Tools-12-2022-2134=1

   - SUSE Linux Enterprise Server for SAP 12-SP4:

      zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-2134=1

   - SUSE Linux Enterprise Server for SAP 12-SP3:

      zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-2134=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2134=1

   - SUSE Linux Enterprise Server 12-SP4-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-2134=1

   - SUSE Linux Enterprise Server 12-SP3-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-2134=1

   - SUSE Linux Enterprise Server 12-SP3-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-2134=1

   - HPE Helion Openstack 8:

      zypper in -t patch HPE-Helion-OpenStack-8-2022-2134=1



Package List:

   - SUSE OpenStack Cloud Crowbar 9 (x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE OpenStack Cloud Crowbar 8 (x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE OpenStack Cloud 9 (x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE OpenStack Cloud 8 (x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64):

      golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1
      golang-github-prometheus-alertmanager-0.23.0-1.12.3
      golang-github-prometheus-node_exporter-1.3.0-1.15.3
      grafana-8.3.5-1.30.3
      prometheus-blackbox_exporter-0.19.0-1.8.2
      prometheus-blackbox_exporter-debuginfo-0.19.0-1.8.2
      prometheus-postgres_exporter-0.10.0-1.8.2
      python2-uyuni-common-libs-4.3.4-1.21.3

   - SUSE Manager Tools 12 (noarch):

      mgr-cfg-4.3.6-1.27.4
      mgr-cfg-actions-4.3.6-1.27.4
      mgr-cfg-client-4.3.6-1.27.4
      mgr-cfg-management-4.3.6-1.27.4
      mgr-custom-info-4.3.3-1.18.1
      mgr-daemon-4.3.4-1.32.3
      mgr-osad-4.3.6-1.39.4
      mgr-push-4.3.4-1.21.4
      mgr-virtualization-host-4.3.5-1.29.3
      python2-hwdata-2.3.5-12.9.1
      python2-mgr-cfg-4.3.6-1.27.4
      python2-mgr-cfg-actions-4.3.6-1.27.4
      python2-mgr-cfg-client-4.3.6-1.27.4
      python2-mgr-cfg-management-4.3.6-1.27.4
      python2-mgr-osa-common-4.3.6-1.39.4
      python2-mgr-osad-4.3.6-1.39.4
      python2-mgr-push-4.3.4-1.21.4
      python2-mgr-virtualization-common-4.3.5-1.29.3
      python2-mgr-virtualization-host-4.3.5-1.29.3
      python2-rhnlib-4.3.4-21.43.3
      python2-spacewalk-check-4.3.9-52.71.3
      python2-spacewalk-client-setup-4.3.9-52.71.3
      python2-spacewalk-client-tools-4.3.9-52.71.3
      python2-spacewalk-koan-4.3.5-24.33.3
      python2-spacewalk-oscap-4.3.5-19.27.1
      python2-suseRegisterInfo-4.3.3-25.27.3
      spacecmd-4.3.11-38.103.3
      spacewalk-check-4.3.9-52.71.3
      spacewalk-client-setup-4.3.9-52.71.3
      spacewalk-client-tools-4.3.9-52.71.3
      spacewalk-koan-4.3.5-24.33.3
      spacewalk-oscap-4.3.5-19.27.1
      spacewalk-remote-utils-4.3.3-24.24.3
      supportutils-plugin-salt-1.2.0-6.16.1
      supportutils-plugin-susemanager-client-4.3.2-6.24.1
      suseRegisterInfo-4.3.3-25.27.3

   - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3

   - HPE Helion Openstack 8 (x86_64):

      golang-github-prometheus-node_exporter-1.3.0-1.15.3


References:

   https://www.suse.com/security/cve/CVE-2021-36222.html
   https://www.suse.com/security/cve/CVE-2021-3711.html
   https://www.suse.com/security/cve/CVE-2021-39226.html
   https://www.suse.com/security/cve/CVE-2021-41174.html
   https://www.suse.com/security/cve/CVE-2021-41244.html
   https://www.suse.com/security/cve/CVE-2021-43798.html
   https://www.suse.com/security/cve/CVE-2021-43813.html
   https://www.suse.com/security/cve/CVE-2021-43815.html
   https://www.suse.com/security/cve/CVE-2022-21673.html
   https://www.suse.com/security/cve/CVE-2022-21698.html
   https://www.suse.com/security/cve/CVE-2022-21702.html
   https://www.suse.com/security/cve/CVE-2022-21703.html
   https://www.suse.com/security/cve/CVE-2022-21713.html
   https://bugzilla.suse.com/1181223
   https://bugzilla.suse.com/1181400
   https://bugzilla.suse.com/1190462
   https://bugzilla.suse.com/1190535
   https://bugzilla.suse.com/1193600
   https://bugzilla.suse.com/1194873
   https://bugzilla.suse.com/1195726
   https://bugzilla.suse.com/1195727
   https://bugzilla.suse.com/1195728
   https://bugzilla.suse.com/1196338
   https://bugzilla.suse.com/1196704
   https://bugzilla.suse.com/1197507
   https://bugzilla.suse.com/1197689



More information about the sle-security-updates mailing list