<div class="container">
    <h1>Security update for SUSE Manager Client Tools</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-2023:2579-1</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>moderate</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1047218">#1047218</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1192154">#1192154</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1192696">#1192696</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1200480">#1200480</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1201535">#1201535</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1201539">#1201539</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203185">#1203185</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203596">#1203596</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203597">#1203597</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203599">#1203599</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1204501">#1204501</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207830">#1207830</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208719">#1208719</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208965">#1208965</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209645">#1209645</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210458">#1210458</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210907">#1210907</a>
                        </li>
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2020-7753.html">CVE-2020-7753</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2021-3807.html">CVE-2021-3807</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2021-3918.html">CVE-2021-3918</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2021-43138.html">CVE-2021-43138</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-0155.html">CVE-2022-0155</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-27191.html">CVE-2022-27191</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-27664.html">CVE-2022-27664</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-31097.html">CVE-2022-31097</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-31107.html">CVE-2022-31107</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-32149.html">CVE-2022-32149</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-35957.html">CVE-2022-35957</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-36062.html">CVE-2022-36062</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-41715.html">CVE-2022-41715</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2022-46146.html">CVE-2022-46146</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-1387.html">CVE-2023-1387</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2023-1410.html">CVE-2023-1410</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2020-7753</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2021-3807</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2021-3807</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2021-3918</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">8.1</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2021-3918</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">9.8</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2021-43138</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.8</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2021-43138</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.8</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-0155</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-27191</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-27191</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-27664</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-27664</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-31097</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.3</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-31097</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">8.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-31107</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.1</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-31107</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-32149</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-32149</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-35957</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.6</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-35957</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.6</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-36062</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.4</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-36062</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.6</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-41715</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.2</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-41715</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">7.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-46146</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">8.8</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2022-46146</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">8.8</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-1387</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">4.2</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-1387</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">4.2</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-1410</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.7</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2023-1410</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.2</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 12</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 12 SP1</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 12 SP2</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 12 SP3</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Desktop 12 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 12 SP2</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 12 SP3</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 12 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP1</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP2</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP3</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP1</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP2</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP3</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP4</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2</li>
                    
                        <li class="list-group-item">SUSE Manager Client Tools for SLE 12</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves 16 vulnerabilities, contains four features and has one fix can now be installed.</p>

    <h2>Description:</h2>
    <p>This update fixes the following issues:</p>
<p>grafana:</p>
<ul>
<li>Version update from 8.5.22 to 9.5.1 (jsc#PED-3694):</li>
<li>Security fixes:<ul>
<li>CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip (bsc#1209645)</li>
<li>CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request parameter in proxy requests
  (bnc#1210907)</li>
<li>CVE-2022-36062: grafana: Fix RBAC folders/dashboards privilege escalation (bsc#1203596)</li>
<li>CVE-2022-35957: grafana: Escalation from admin to server admin when auth proxy is used (bsc#1203597)</li>
<li>CVE-2022-32149: Upgrade x/text to version unaffected by CVE-2022-32149 (bsc#1204501)</li>
<li>CVE-2022-31107: grafana: OAuth account takeover (bsc#1201539)</li>
<li>CVE-2022-31097: grafana: stored XSS vulnerability (bsc#1201535)</li>
<li>CVE-2022-27664: go1.18,go1.19: net/http: handle server errors after sending GOAWAY (bsc#1203185)</li>
<li>CVE-2022-0155: follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor</li>
<li>CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method(bsc#1200480)</li>
<li>CVE-2021-3918: json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes
  (&#x27;Prototype Pollution&#x27;) (bsc#1192696)</li>
<li>CVE-2021-3807: node-ansi-regex: Inefficient Regular Expression Complexity in chalk/ansi-regex (bsc#1192154)</li>
<li>CVE-2020-7753: nodejs-trim: Regular Expression Denial of Service (ReDoS) in trim function </li>
</ul>
</li>
<li>Important changes:<ul>
<li>Default named retention policies won&#x27;t be used to query.
  Users who have a default named retention policy in their influxdb database, have to rename it to something else.
  To change the hardcoded retention policy in the dashboard.json, users must then select the right retention policy
  from dropdown and save the panel/dashboard.</li>
<li>Grafana Alerting rules with NoDataState configuration set to Alerting will now respect "For" duration.</li>
<li>Users who use LDAP role sync to only sync Viewer, Editor and Admin roles, but grant Grafana Server Admin role
  manually will not be able to do that anymore. After this change, LDAP role sync will override any manual changes
  to Grafana Server Admin role assignments. If grafana_admin is left unset in LDAP role mapping configuration, it
  will default to false.</li>
<li>The InfluxDB backend migration feature toggle (influxdbBackendMigration) has been reintroduced in this version
  as issues were discovered with backend processing of InfluxDB data. Unless this feature toggle is enabled, all
  InfluxDB data will be parsed in the frontend. This frontend processing is the default behavior. 
  In Grafana 9.4.4, InfluxDB data parsing started to be handled in the backend. If you have upgraded to 9.4.4
  and then added new transformations on InfluxDB data, those panels will fail to render. To resolve this either:
  Remove the affected panel and re-create it or edit the <code>time</code> field as <code>Time</code> in <code>panel.json</code> 
  or <code>dashboard.json</code></li>
<li>The <code>@grafana/ui</code> package helper function <code>selectOptionInTest</code> used in frontend tests has been removed as it
  caused testing libraries to be bundled in the production code of Grafana. If you were using this helper function
  in your tests please update your code accordingly.</li>
<li>Removed deprecated <code>checkHealth</code> prop from the <code>@grafana/e2e</code> <code>addDataSource</code> configuration. Previously this
  value defaulted to <code>false</code>, and has not been used in end-to-end tests since Grafana 8.0.3.</li>
<li>Removed the deprecated <code>LegacyBaseMap</code>, <code>LegacyValueMapping</code>, <code>LegacyValueMap</code>, and <code>LegacyRangeMap</code> types, and
  <code>getMappedValue</code> function from grafana-data. See the documentation for the migration.
  This change fixes a bug in Grafana where intermittent failure of database, network between Grafana and the
  database, or error in querying the database would cause all alert rules to be unscheduled in Grafana. 
  Following this change scheduled alert rules are not updated unless the query is successful.</li>
<li>The <code>get_alert_rules_duration_seconds</code> metric has been renamed to <code>schedule_query_alert_rules_duration_seconds</code></li>
<li>Any secret (data sources credential, alert manager credential, etc, etc) created or modified with Grafana v9.0
  won&#x27;t be decryptable from any previous version (by default) because the way encrypted secrets are stored into the
  database has changed. Although secrets created or modified with previous versions will still be decryptable by
  Grafana v9.0.</li>
<li>If required, although generally discouraged, the <code>disableEnvelopeEncryption</code> feature toggle can be enabled to
  keep envelope encryption disabled once updating to Grafana</li>
<li>In case of need to rollback to an earlier version of Grafana (i.e. Grafana v8.x) for any reason, after being
  created or modified any secret with Grafana v9.0, the <code>envelopeEncryption</code> feature toggle will need to be enabled
  to keep backwards compatibility (only from <code>v8.3.x</code> a bit unstable, from <code>8.5.x</code> stable).</li>
<li>As a final attempt to deal with issues related with the aforementioned situations, the 
  <code>grafana-cli admin secrets-migration rollback</code> command has been designed to move back all the Grafana secrets
  encrypted with envelope encryption to legacy encryption. So, after running that command it should be safe to
  disable envelope encryption and/or roll back to a previous version of Grafana.
  Alternatively or complementarily to all the points above, backing up the Grafana database before updating could
  be a good idea to prevent disasters (although the risk of getting some secrets corrupted only applies to those 
  updates/created with after updating to Grafana v9.0).</li>
<li>In Elasticsearch, browser access mode was deprecated in grafana 7.4.0 and removed in 9.0.0. If you used this mode
  please switch to server access mode on the datasource configuration page.</li>
<li>Environment variables passed from Grafana to external Azure plugins have been renamed:
  <code>AZURE_CLOUD</code> renamed to <code>GFAZPL_AZURE_CLOUD</code>,
  <code>AZURE_MANAGED_IDENTITY_ENABLED</code> renamed to <code>GFAZPL_MANAGED_IDENTITY_ENABLED</code>,
  <code>AZURE_MANAGED_IDENTITY_CLIENT_ID</code> renamed to <code>GFAZPL_MANAGED_IDENTITY_CLIENT_ID</code>.
  There are no known plugins which were relying on these variables. Moving forward plugins should read Azure
  settings only via Grafana Azure SDK which properly handles old and new environment variables.</li>
<li>Removes support for for ElasticSearch versions after their end-of-life, currently versions < 7.10.0.
  To continue to use ElasticSearch data source, upgrade ElasticSearch to version 7.10.0+.</li>
<li>Application Insights and Insight Analytics queries in Azure Monitor were deprecated in Grafana 8.0 and finally
  removed in 9.0. Deprecated queries will no longer be executed.</li>
<li>grafana/ui: Button now specifies a default type="button".
  The <code>Button</code> component provided by @grafana/ui now specifies a default <code>type=&quot;button&quot;</code> when no type is provided.
  In previous versions, if the attribute was not specified for buttons associated with a <code>&lt;form&gt;</code> the
  default value was <code>submit</code> per the specification. You can preserve the old behavior by explicitly setting the
  type attribute: <code>&lt;Button type=&quot;submit&quot; /&gt;</code></li>
<li>The <code>Rename by regex</code> transformation has been improved to allow global patterns of the form 
  <code>/&lt;stringToReplace&gt;/g</code>.
  Depending on the regex match used, this may cause some transformations to behave slightly differently. You can
  guarantee the same behaviour as before by wrapping the <code>match</code> string in forward slashes (<code>/</code>), e.g. <code>(.*)</code> would
  become <code>/(.*)/</code></li>
<li><code>&lt;Select /&gt;</code> menus will now portal to the document body by default. This is to give more consistent
  behaviour when positioning and overlaying. If you were setting<code>menuShouldPortal={true}</code> before you can safely 
  remove that prop and behaviour will be the same. If you weren&#x27;t explicitly setting that prop, there should be no
  visible changes in behaviour but your tests may need updating. If you were setting <code>menuShouldPortal={false}</code>
  this will continue to prevent the menu from portalling.</li>
<li>Grafana alerting endpoint prefixed with <code>api/v1/rule/test</code> that tests a rule against a Corte/Loki data source now
  expects the data source UID as a path parameter instead of the data source numeric identifier.</li>
<li>Grafana alerting endpoints prefixed with <code>api/prometheus/</code> that proxy requests to a Cortex/Loki data source now
  expect the data source UID as a path parameter instead of the data source numeric identifier.</li>
<li>Grafana alerting endpoints prefixed with <code>api/ruler/</code> that proxy requests to a Cortex/Loki data source now expect
  the data source UID as a path parameter instead of the data</li>
<li>Grafana alerting endpoints prefixed with <code>api/alertmanager/</code> that proxy requests to an Alertmanager now expect
  the data source UID as a path parameter instead of the data source numeric identifier.</li>
<li>The format of log messages have been updated, <code>lvl</code> is now <code>level</code> and <code>eror</code>and <code>dbug</code> has been replaced with
  <code>error</code> and <code>debug</code>. The precision of timestamps has been increased.
  To smooth the transition, it is possible to opt-out of the new log format by enabling the feature toggle
  <code>oldlog</code>.
  This option will be removed in a future minor release.</li>
<li>In the Loki data source, the dataframe format used to represent Loki logs-data has been changed to a more
  efficient format. The query-result is represented by a single dataframe with a "labels" column, instead of the
  separate dataframes for every labels-value. When displaying such data in explore, or in a logs-panel in the
  dashboard will continue to work without changes, but if the data was loaded into a different dashboard-panel, or
  Transforms were used, adjustments may be necessary. For example, if you used the "labels to fields" 
  transformation with the logs data, please switch to the "extract fields" transformation.</li>
</ul>
</li>
<li>Deprecations:<ul>
<li>The <code>grafana_database_conn_*</code> metrics are deprecated, and will be removed in a future version of Grafana. Use 
  the <code>go_sql_stats_*</code> metrics instead.</li>
<li>Support for compact Explore URLs is deprecated and will be removed in a future release. Until then, when
  navigating to Explore using the deprecated format the URLs are automatically converted. If you have
  existing links pointing to Explore update them using the format generated by Explore upon navigation.
  You can identify a compact URL by its format. Compact URLs have the left (and optionally right) url parameter as
  an array of strings, for example <code>&amp;left=[&quot;now-1h&quot;,&quot;now&quot;...]</code>. The standard explore URLs follow a key/value
  pattern, for example <code>&amp;left={&quot;datasource&quot;:&quot;test&quot;...}</code>. Please be sure to check your dashboards for any
  hardcoded links to Explore and update them to the standard URL pattern.</li>
<li>Chore: Remove deprecated DataSourceAPI methods.</li>
<li>Data: Remove deprecated types and functions from valueMappings.</li>
<li>Elasticsearch: Remove browser access mode.</li>
<li>Elasticsearch: Remove support for versions after their end of the life (<7.10.0).</li>
<li>Explore: Remove support for legacy, compact format URLs.</li>
<li>Graph: Deprecate Graph (old) and make it no longer a visualization option for new panels.</li>
<li><code>setExploreQueryField</code>, <code>setExploreMetricsQueryField</code> and <code>setExploreLogsQueryField</code> are now deprecated and will
  be removed in a future release. If you need to set a different query editor for Explore, conditionally render
  based on <code>props.app</code> in your regular query editor.</li>
</ul>
</li>
<li>Changes:<ul>
<li>User: Fix externalUserId not being populated.
  If you used any of these components please use them from grafana/experimental from now on:</li>
<li>AccessoryButton</li>
<li>EditorFieldGroup</li>
<li>EditorHeader</li>
<li>EditorField</li>
<li>EditorRow</li>
<li>EditorList</li>
<li>EditorRows</li>
<li>EditorSwitch</li>
<li>FlexItem</li>
<li>Stack</li>
<li>InlineSelect</li>
<li>InputGroup</li>
<li>Space</li>
<li>Starting with 9.1.0, existing heatmap panels will start using a new implementation. This can be disabled by
  setting the <code>useLegacyHeatmapPanel</code> feature flag to true. It can be tested on a single dashbobard by adding
  <code>?__feature.useLegacyHeatmapPanel=true</code> to any dashboard URL.</li>
<li>Logger: Enable new logging format by default.</li>
<li>Loki: Enable new visual query builder by default.</li>
<li>Plugins: Remove plugin list panel.</li>
<li>Install wrapper scripts under /usr/sbin</li>
<li>Install actual binaries under /usr/libexec/grafana (or /usr/lib under older distributions) and create a simlink 
  for wrapper scripts and the service (which expect the binary to be under /usr/share/grafana/bin)</li>
<li>Chore: Upgrade typescript to 4.6.4.</li>
</ul>
</li>
</ul>
<p>mgr-daemon:</p>
<ul>
<li>Version 4.3.7-1</li>
<li>Update translation strings</li>
</ul>
<p>spacecmd:</p>
<ul>
<li>Version 4.3.21-1</li>
<li>fix argument parsing of distribution_update (bsc#1210458)</li>
<li>Version 4.3.20-1</li>
<li>Display activation key details after executing the corresponding command (bsc#1208719)</li>
<li>Show targetted packages before actually removing them (bsc#1207830)</li>
</ul>
<p>uyuni-common-libs:</p>
<ul>
<li>Version 4.3.8-1</li>
<li>Allow default component for context manager</li>
</ul>
<p>zypp-plugin-spacewalk:</p>
<ul>
<li>1.0.14</li>
<li>SPEC file cleanup</li>
</ul>

    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE Moderate update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                SUSE Manager Client Tools for SLE 12
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-Manager-Tools-12-2023-2579=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>grafana-9.5.1-1.48.1</li>
                        
                            <li>python2-uyuni-common-libs-4.3.8-1.33.1</li>
                        
                    </ul>
                </li>
            
                <li>
                    SUSE Manager Client Tools for SLE 12 (noarch)
                    <ul>
                        
                            <li>spacecmd-4.3.21-38.121.1</li>
                        
                            <li>mgr-daemon-4.3.7-1.41.1</li>
                        
                            <li>zypp-plugin-spacewalk-1.0.14-30.42.1</li>
                        
                            <li>python2-zypp-plugin-spacewalk-1.0.14-30.42.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2020-7753.html">https://www.suse.com/security/cve/CVE-2020-7753.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2021-3807.html">https://www.suse.com/security/cve/CVE-2021-3807.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2021-3918.html">https://www.suse.com/security/cve/CVE-2021-3918.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2021-43138.html">https://www.suse.com/security/cve/CVE-2021-43138.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-0155.html">https://www.suse.com/security/cve/CVE-2022-0155.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-27191.html">https://www.suse.com/security/cve/CVE-2022-27191.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-27664.html">https://www.suse.com/security/cve/CVE-2022-27664.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-31097.html">https://www.suse.com/security/cve/CVE-2022-31097.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-31107.html">https://www.suse.com/security/cve/CVE-2022-31107.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-32149.html">https://www.suse.com/security/cve/CVE-2022-32149.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-35957.html">https://www.suse.com/security/cve/CVE-2022-35957.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-36062.html">https://www.suse.com/security/cve/CVE-2022-36062.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-41715.html">https://www.suse.com/security/cve/CVE-2022-41715.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2022-46146.html">https://www.suse.com/security/cve/CVE-2022-46146.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-1387.html">https://www.suse.com/security/cve/CVE-2023-1387.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2023-1410.html">https://www.suse.com/security/cve/CVE-2023-1410.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1047218">https://bugzilla.suse.com/show_bug.cgi?id=1047218</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1192154">https://bugzilla.suse.com/show_bug.cgi?id=1192154</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1192696">https://bugzilla.suse.com/show_bug.cgi?id=1192696</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1200480">https://bugzilla.suse.com/show_bug.cgi?id=1200480</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1201535">https://bugzilla.suse.com/show_bug.cgi?id=1201535</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1201539">https://bugzilla.suse.com/show_bug.cgi?id=1201539</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203185">https://bugzilla.suse.com/show_bug.cgi?id=1203185</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203596">https://bugzilla.suse.com/show_bug.cgi?id=1203596</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203597">https://bugzilla.suse.com/show_bug.cgi?id=1203597</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1203599">https://bugzilla.suse.com/show_bug.cgi?id=1203599</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1204501">https://bugzilla.suse.com/show_bug.cgi?id=1204501</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207830">https://bugzilla.suse.com/show_bug.cgi?id=1207830</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208719">https://bugzilla.suse.com/show_bug.cgi?id=1208719</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208965">https://bugzilla.suse.com/show_bug.cgi?id=1208965</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209645">https://bugzilla.suse.com/show_bug.cgi?id=1209645</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210458">https://bugzilla.suse.com/show_bug.cgi?id=1210458</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210907">https://bugzilla.suse.com/show_bug.cgi?id=1210907</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/MSQA-666">https://jira.suse.com/browse/MSQA-666</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/PED-3576">https://jira.suse.com/browse/PED-3576</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/PED-3578">https://jira.suse.com/browse/PED-3578</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/PED-3694">https://jira.suse.com/browse/PED-3694</a>
                    </li>
                
            
        </ul>
    
</div>