Image summary for SUSE:SLE-15-SP3:Update:QR:QU4

SUSE-IU-2000:24-1

This update for go and go1.9 fixes the following issues: The following security issues have been addressed for both packages:

• CVE-2018-7187: Fixed the validation of the import path in the go get command, which allowed for arbitrary command execution via VCS path when the -insecure flag is used (bsc#1081495)

• Fixes to the go command and the crypto/x509 and strings packages, which add minimal support to the go command for the vgo transition.
• Several fixes to the compiler and go command
• Fixed various issues in go trace (bsc#1085785):
• Ensure go binaries are not stripped (eg: go tools trace), this caused some of them to misbehave
• Ensure go trace html template is shipped as part of the installation, otherwise the web UI won't work

This update fixes the following issues:
rhncfg:

• Format the file mode in unified way. (bsc#1093529)

• Fix directory permissions. (bsc#1101152)
• Feature: implement optional signing repository metadata.
• Fix truncated result message of server actions. (bsc#1039043)
• Do not copy 'foreign_entitlement' from virtual host to the registered guest. (bsc#1093381)
• Spacewalk-debug: add Postgres configuration files.
• Initial branding change for Uyuni. (bsc#1094497)

• Fix ordering of channel data. (bsc#1083294)
• Add RHEL 6.10 channel definitions.

• Turn on metadata signature checking if signature is available.

This update for python-python-memcached fixes the following issues:
python-python-memcached was updated to 1.59:

• Various fixes for python 3.7 and 3.6

This update fixes the following issues:
koan:

• Require virt-install only for RHEL6/7. Other distributions accepting Recommends must use it as virt-install is not available sometimes (for example SLED)
• Change virt-install from Reccommends to Require because this fixes RHEL 6 & 7
• Fix regex error in the files section
• Remove Recursion in python_sitelib and remove non relevant parts of the specfile
• Replace python2_sitelib macro with python_sitelib to fix build on older distros.
• Remove duplicate file section entrys
• Adjust Group Tag to Development/Libraries/Python to satisfy linter

• Add the package to the SLE Basesytem module. (fate#327287)

• Add group to python*-rhnlib to fix building at SLE11
• Read SSL decoded buffer completely when no pending bytes on the underlying connection.
• Fix encoding issues after porting to Python 3.
• Sync changes from Spacewalk
• 1652859 - python3 http.client does not contain _set_hostport()
• Use rpm for debian packaging
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Save SSM list on system delete and update cache (bsc#1130077, bsc#1125744)
• Replace iteritems with items for python2/3 compat (bsc#1129243)
• Fix python 3 bytes issue when handling config channels
• Prevent spacecmd crashing when piping the output in Python 3 (bsc#1125610)
• Fix compatibility with Python 3
• Add function to merge errata and packages through spacecmd (bsc#987798)
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Use new names in code for client tool packages which were renamed (bsc#1134876)
• Fix password prompt within mgr-sign-metadata
• Fix TypeError for 'errata.getErrataInfo' XMLRPC handler (bsc#1132346)
• Fix typo in syncing product extensions (bsc#1118492)
• Fix mgr-sign-metadata-ctl checking of exported keys.
• Use suseLib.get_proxy to get the HTTP proxy configuration properly on DEB repos (bsc#1133424)
• Add support for mirrorlist and metalink on Zypper reposync.
• Solve situations where synced packages have epoch 0 but reposync does not find them them on the database.
• Fix path to the RPM database used by Zypper at reposync.
• Add makefile for python linter and unit/integration tests
• Fix linking of packages in reposync (bsc#1131677)
• Include arch to distinct latest packages on reposync.
• Migrate missing spacewalk-cfg-get script to Python3
• Improve dependency solving algorithm for spacewalk-repo-sync.
• Remove apache access_compat module and adapt config files
• Add support for getting latest versions from RPM packages when running 'spacewalk-repo-sync' after migration to Zypper.
• Include packages dependencies on 'spacewalk-repo-sync' when using filters for RPM packages.
• Allow package filtering (name matching) on spacewalk-repo-sync after migrating away from yum.
• Fix crash when importing new channel families on 'mgr-inter-sync' (bsc#1129300)
• Make Zypper to use the spacewalk GPG keyring in reposync (bsc#1128529)
• Fix: handle non-standard filenames for comps.xml (bsc#1120242)
• Make reposync use and append token correctly to the URL
• Fix invalid mode error when doing spacewalk-repo-sync on Ubuntu official repos.
• Fix bootstrapping SLE15 traditional client (bsc#1128564)
• Fix reading LOB objects with python3
• Fix 'mgr-inter-sync' problems after Python 3 migration.
• Mgr-sign-metadata can optionally clear-sign metadata files
• Allow errata import from local repositories.
• Fix 'rhnpush' after migration to Python 3.
• Fix package import issues when package encoding is ISO8859-1.
• Fix issues with HTTP proxy and reposync.
• Solve Python 3 problem and allow traditional registration.
• Add 'python-urlgrabber' as a new dependency.
• Fix Python3 issues on satellite_tools scripts
• Use 'Zypper' and 'libsolv' in 'spacewalk-repo-sync'. Replace 'yum'.
• Require the correct dependency for python-rpm to allow the Proxy to work with Python3 only
• Make rhn-ssl-dbstore compatible with python3
• Take only text files from /srv/salt to make spacewalk-debug smaller (bsc#1103388)
• Support mirroring of source packages
• Make spacewalk-backend code compatible with Python 3
• Prepare spacewalk-backend packages to build on Python 3
• Replace PyPAM with python-python-pam
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)
• Disable Oracle support for openSUSE (bsc#1095804)

• Fix bootstrapping SLE15 traditional client (bsc#1128564)
• Sync with Spacewalk
• Add ability to work behind http proxies
• 1666099 - python3 is picky about bytes and string
• Fix testConfig.py
• Use rpm for debian packaging
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)
• The rhnsd service was replaced by rhnsd timer, so registration script and systemd presets are now adapted to this (bsc#1138130)

• Fix building on openSUSE 15.0
• Add Uyuni URL to package
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Fix python2 compilation on openSUSE
• Add Uyuni URL to package
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Sync changes from Spacewalk
• 1649374 - Update spacewalk-remote-utils with RHEL 7.6 channel definitions
• 1633532 - Use python-gpg instead of python-gpgme where possible
• Add Uyuni URL to package
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Add compatibility with Python 3
• Use rpm for debian packaging
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Make suseRegisterInfo compatible with Python 2 and 3
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

• Fix python syntax error in distupgrade (bsc#1136102)

• rhnsd service was replaced by rhnsd timer (bsc#1138130)

This update fixes the following issues:
golang-github-lusitaniae-apache_exporter:

• Handle OS TERM signals
• Add option to override host name

• Patch macros on spec file to support builds on SLE 12
• Remove prometheus.firewall.xml source file
• Remove firewalld files. They are installed in the main firewalld package.
• Update Uyuni/SUSE Manager service discovery patch + Fixes crashes when systems have no FQDN + Adds Parallel calls to Uyuni API, meaningful performance increase + Adds Support for system group labels
• Do not install the firewalld config file on Tumbleweed (on versions newer than Leap 15.1). It's installed in the main firewalld package.
• reorder some %install tasks
• Add network-online (Wants and After) dependency to systemd unit bsc#1143913
• Only package required files (reduces rpm size by 4 MB)
• Add sysconfig file
• Add firewall config file
• Use variables for defining user and group

• Fix auto installing VMs (bsc#1156211)

• Fix malformed XML response when data contains non-ASCII chars (bsc#1154968)

• Enable building and installing for Ubuntu 16.04 and Ubuntu 18.04
• Prevent error when piping stdout in Python 2 (bsc#1153090)

• Fix specfile for systems that do not yet use systemd
• Fix spacewalk-update-signatures for python3 (bsc#1156521)
• Fix problems with Package Hub repos having multiple rpms with same NEVRA but different checksums (bsc#1146683)
• Add systemd service macros for diskcheck.service
• Port diskcheck utility to 4.0.3 branch (bsc#1156397)
• Use active values for diskchecker mails
• Do not require parameters to start on column 1
• Add Requires: systemd for completeness
• Create /usr/lib/systemd/systemd during build
• BuildRequires: systemd for spacewalk-diskcheck
• Add option spacecheck_shutdown; tidy up wording of notifications
• Add disk space checker script
• Fix broken spacewalk-data-fsck utility (bsc#1131556)

• Skip dmidecode data on aarch64 to prevent coredump (bsc#1113160)

• Gfx_type needs to default to 'vnc' (bsc#1156211)

• Prevent possible encoding issues on Python 3 (bsc#1152722)

This update fixes the following issues:
dracut-saltboot:

• Print a list of available disk devices (bsc#1170824)
• Install wipefs to initrd
• Force install crypt modules

• Update change log and spec file + Modified spec file: default to golang 1.14 to avoid 'have choice' build issues in OBS. + Rebase and update patches for version 2.18.0
• Update to 2.18.0 + Features * Tracing: Added experimental Jaeger support #7148 + Changes * Federation: Only use local TSDB for federation (ignore remote read). #7096 * Rules: `rule_evaluations_total` and `rule_evaluation_failures_total` have a `rule_group` label now. #7094 + Enhancements * TSDB: Significantly reduce WAL size kept around after a block cut. #7098 * Discovery: Add `architecture` meta label for EC2. #7000 + Bug fixes * UI: Fixed wrong MinTime reported by /status. #7182 * React UI: Fixed multiselect legend on OSX. #6880 * Remote Write: Fixed blocked resharding edge case. #7122 * Remote Write: Fixed remote write not updating on relabel configs change. #7073
• Changes from 2.17.2 + Bug fixes * Federation: Register federation metrics #7081 * PromQL: Fix panic in parser error handling #7132 * Rules: Fix reloads hanging when deleting a rule group that is being evaluated #7138 * TSDB: Fix a memory leak when prometheus starts with an empty TSDB WAL #7135 * TSDB: Make isolation more robust to panics in web handlers #7129 #7136
• Changes from 2.17.1 + Bug fixes * TSDB: Fix query performance regression that increased memory and CPU usage #7051
• Changes from 2.17.0 + Features * TSDB: Support isolation #6841 * This release implements isolation in TSDB. API queries and recording rules are guaranteed to only see full scrapes and full recording rules. This comes with a certain overhead in resource usage. Depending on the situation, there might be some increase in memory usage, CPU usage, or query latency. + Enhancements * PromQL: Allow more keywords as metric names #6933 * React UI: Add normalization of localhost URLs in targets page #6794 * Remote read: Read from remote storage concurrently #6770 * Rules: Mark deleted rule series as stale after a reload #6745 * Scrape: Log scrape append failures as debug rather than warn #6852 * TSDB: Improve query performance for queries that partially hit the head #6676 * Consul SD: Expose service health as meta label #5313 * EC2 SD: Expose EC2 instance lifecycle as meta label #6914 * Kubernetes SD: Expose service type as meta label for K8s service role #6684 * Kubernetes SD: Expose label_selector and field_selector #6807 * Openstack SD: Expose hypervisor id as meta label #6962 + Bug fixes * PromQL: Do not escape HTML-like chars in query log #6834 #6795 * React UI: Fix data table matrix values #6896 * React UI: Fix new targets page not loading when using non-ASCII characters #6892 * Remote read: Fix duplication of metrics read from remote storage with external labels #6967 #7018 * Remote write: Register WAL watcher and live reader metrics for all remotes, not just the first one #6998 * Scrape: Prevent removal of metric names upon relabeling #6891 * Scrape: Fix 'superfluous response.WriteHeader call' errors when scrape fails under some circonstances #6986 * Scrape: Fix crash when reloads are separated by two scrape intervals #7011
• Changes from 2.16.0 + Features * React UI: Support local timezone on /graph #6692 * PromQL: add absent_over_time query function #6490 * Adding optional logging of queries to their own file #6520 + Enhancements * React UI: Add support for rules page and 'Xs ago' duration displays #6503 * React UI: alerts page, replace filtering togglers tabs with checkboxes #6543 * TSDB: Export metric for WAL write errors #6647 * TSDB: Improve query performance for queries that only touch the most recent 2h of data. #6651 * PromQL: Refactoring in parser errors to improve error messages #6634 * PromQL: Support trailing commas in grouping opts #6480 * Scrape: Reduce memory usage on reloads by reusing scrape cache #6670 * Scrape: Add metrics to track bytes and entries in the metadata cache #6675 * promtool: Add support for line-column numbers for invalid rules output #6533 * Avoid restarting rule groups when it is unnecessary #6450 + Bug fixes * React UI: Send cookies on fetch() on older browsers #6553 * React UI: adopt grafana flot fix for stacked graphs #6603 * React UI: broken graph page browser history so that back button works as expected #6659 * TSDB: ensure compactionsSkipped metric is registered, and log proper error if one is returned from head.Init #6616 * TSDB: return an error on ingesting series with duplicate labels #6664 * PromQL: Fix unary operator precedence #6579 * PromQL: Respect query.timeout even when we reach query.max-concurrency #6712 * PromQL: Fix string and parentheses handling in engine, which affected React UI #6612 * PromQL: Remove output labels returned by absent() if they are produced by multiple identical label matchers #6493 * Scrape: Validate that OpenMetrics input ends with `# EOF` #6505 * Remote read: return the correct error if configs can't be marshal'd to JSON #6622 * Remote write: Make remote client `Store` use passed context, which can affect shutdown timing #6673 * Remote write: Improve sharding calculation in cases where we would always be consistently behind by tracking pendingSamples #6511 * Ensure prometheus_rule_group metrics are deleted when a rule group is removed #6693
• Changes from 2.15.2 + Bug fixes * TSDB: Fixed support for TSDB blocks built with Prometheus before 2.1.0. #6564 * TSDB: Fixed block compaction issues on Windows. #6547
• Changes from 2.15.1 + Bug fixes * TSDB: Fixed race on concurrent queries against same data. #6512
• Changes from 2.15.0 + Features * API: Added new endpoint for exposing per metric metadata `/metadata`. #6420 #6442 + Changes * Discovery: Removed `prometheus_sd_kubernetes_cache_*` metrics. Additionally `prometheus_sd_kubernetes_workqueue_latency_seconds` and `prometheus_sd_kubernetes_workqueue_work_duration_seconds` metrics now show correct values in seconds. #6393 * Remote write: Changed `query` label on `prometheus_remote_storage_*` metrics to `remote_name` and `url`. #6043 + Enhancements * TSDB: Significantly reduced memory footprint of loaded TSDB blocks. #6418 #6461 * TSDB: Significantly optimized what we buffer during compaction which should result in lower memory footprint during compaction. #6422 #6452 #6468 #6475 * TSDB: Improve replay latency. #6230 * TSDB: WAL size is now used for size based retention calculation. #5886 * Remote read: Added query grouping and range hints to the remote read request #6401 * Remote write: Added `prometheus_remote_storage_sent_bytes_total` counter per queue. #6344 * promql: Improved PromQL parser performance. #6356 * React UI: Implemented missing pages like `/targets` #6276, TSDB status page #6281 #6267 and many other fixes and performance improvements. * promql: Prometheus now accepts spaces between time range and square bracket. e.g `[ 5m]` #6065 + Bug fixes * Config: Fixed alertmanager configuration to not miss targets when configurations are similar. #6455 * Remote write: Value of `prometheus_remote_storage_shards_desired` gauge shows raw value of desired shards and it's updated correctly. #6378 * Rules: Prometheus now fails the evaluation of rules and alerts where metric results collide with labels specified in `labels` field. #6469 * API: Targets Metadata API `/targets/metadata` now accepts empty `match_targets` parameter as in the spec. #6303
• Changes from 2.14.0 + Features * API: `/api/v1/status/runtimeinfo` and `/api/v1/status/buildinfo` endpoints added for use by the React UI. #6243 * React UI: implement the new experimental React based UI. #5694 and many more * Can be found by under `/new`. * Not all pages are implemented yet. * Status: Cardinality statistics added to the Runtime & Build Information page. #6125 + Enhancements * Remote write: fix delays in remote write after a compaction. #6021 * UI: Alerts can be filtered by state. #5758 + Bug fixes * Ensure warnings from the API are escaped. #6279 * API: lifecycle endpoints return 403 when not enabled. #6057 * Build: Fix Solaris build. #6149 * Promtool: Remove false duplicate rule warnings when checking rule files with alerts. #6270 * Remote write: restore use of deduplicating logger in remote write. #6113 * Remote write: do not reshard when unable to send samples. #6111 * Service discovery: errors are no longer logged on context cancellation. #6116, #6133 * UI: handle null response from API properly. #6071
• Changes from 2.13.1 + Bug fixes * Fix panic in ARM builds of Prometheus. #6110 * promql: fix potential panic in the query logger. #6094 * Multiple errors of http: superfluous response.WriteHeader call in the logs. #6145
• Changes from 2.13.0 + Enhancements * Metrics: renamed prometheus_sd_configs_failed_total to prometheus_sd_failed_configs and changed to Gauge #5254 * Include the tsdb tool in builds. #6089 * Service discovery: add new node address types for kubernetes. #5902 * UI: show warnings if query have returned some warnings. #5964 * Remote write: reduce memory usage of the series cache. #5849 * Remote read: use remote read streaming to reduce memory usage. #5703 * Metrics: added metrics for remote write max/min/desired shards to queue manager. #5787 * Promtool: show the warnings during label query. #5924 * Promtool: improve error messages when parsing bad rules. #5965 * Promtool: more promlint rules. #5515 + Bug fixes * UI: Fix a Stored DOM XSS vulnerability with query history [CVE-2019-10215](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10215). #6098 * Promtool: fix recording inconsistency due to duplicate labels. #6026 * UI: fixes service-discovery view when accessed from unhealthy targets. #5915 * Metrics format: OpenMetrics parser crashes on short input. #5939 * UI: avoid truncated Y-axis values. #6014
• Changes from 2.12.0 + Features * Track currently active PromQL queries in a log file. #5794 * Enable and provide binaries for `mips64` / `mips64le` architectures. #5792 + Enhancements * Improve responsiveness of targets web UI and API endpoint. #5740 * Improve remote write desired shards calculation. #5763 * Flush TSDB pages more precisely. tsdb#660 * Add `prometheus_tsdb_retention_limit_bytes` metric. tsdb#667 * Add logging during TSDB WAL replay on startup. tsdb#662 * Improve TSDB memory usage. tsdb#653, tsdb#643, tsdb#654, tsdb#642, tsdb#627 + Bug fixes * Check for duplicate label names in remote read. #5829 * Mark deleted rules' series as stale on next evaluation. #5759 * Fix JavaScript error when showing warning about out-of-sync server time. #5833 * Fix `promtool test rules` panic when providing empty `exp_labels`. #5774 * Only check last directory when discovering checkpoint number. #5756 * Fix error propagation in WAL watcher helper functions. #5741 * Correctly handle empty labels from alert templates. #5845
• Update Uyuni/SUSE Manager service discovery patch + Adapt service discovery to the new Uyuni API endpoints + Modified spec file: force golang 1.12 to fix build issues in SLE15SP2
• Update to Prometheus 2.11.2

• Update to version 7.0.3 * Features / Enhancements - Stats: include all fields. #24829, @ryantxu - Variables: change VariableEditorList row action Icon to IconButton. #25217, @hshoff * Bug fixes - Cloudwatch: Fix dimensions of DDoSProtection. #25317, @papagian - Configuration: Fix env var override of sections containing hyphen. #25178, @marefr - Dashboard: Get panels in collapsed rows. #25079, @peterholmberg - Do not show alerts tab when alerting is disabled. #25285, @dprokop - Jaeger: fixes cascader option label duration value. #25129, @Estrax - Transformations: Fixed Transform tab crash & no update after adding first transform. #25152, @torkelo
• Update to version 7.0.2 * Bug fixes - Security: Urgent security patch release to fix CVE-2020-13379
• Update to version 7.0.1 * Features / Enhancements - Datasource/CloudWatch: Makes CloudWatch Logs query history more readable. #24795, @kaydelaney - Download CSV: Add date and time formatting. #24992, @ryantxu - Table: Make last cell value visible when right aligned. #24921, @peterholmberg - TablePanel: Adding sort order persistance. #24705, @torkelo - Transformations: Display correct field name when using reduce transformation. #25068, @peterholmberg - Transformations: Allow custom number input for binary operations. #24752, @ryantxu * Bug fixes - Dashboard/Links: Fixes dashboard links by tags not working. #24773, @KamalGalrani - Dashboard/Links: Fixes open in new window for dashboard link. #24772, @KamalGalrani - Dashboard/Links: Variables are resolved and limits to 100. #25076, @hugohaggmark - DataLinks: Bring back variables interpolation in title. #24970, @dprokop - Datasource/CloudWatch: Field suggestions no longer limited to prefix-only. #24855, @kaydelaney - Explore/Table: Keep existing field types if possible. #24944, @kaydelaney - Explore: Fix wrap lines toggle for results of queries with filter expression. #24915, @ivanahuckova - Explore: fix undo in query editor. #24797, @zoltanbedi - Explore: fix word break in type head info. #25014, @zoltanbedi - Graph: Legend decimals now work as expected. #24931, @torkelo - LoginPage: Fix hover color for service buttons. #25009, @tskarhed - LogsPanel: Fix scrollbar. #24850, @ivanahuckova - MoveDashboard: Fix for moving dashboard caused all variables to be lost. #25005, @torkelo - Organize transformer: Use display name in field order comparer. #24984, @dprokop - Panel: shows correct panel menu items in view mode. #24912, @hugohaggmark - PanelEditor Fix missing labels and description if there is only single option in category. #24905, @dprokop - PanelEditor: Overrides name matcher still show all original field names even after Field default display name is specified. #24933, @torkelo - PanelInspector: Makes sure Data display options are visible. #24902, @hugohaggmark - PanelInspector: Hides unsupported data display options for Panel type. #24918, @hugohaggmark - PanelMenu: Make menu disappear on button press. #25015, @tskarhed - Postgres: Fix add button. #25087, @phemmer - Prometheus: Fix recording rules expansion. #24977, @ivanahuckova - Stackdriver: Fix creating Service Level Objectives (SLO) datasource query variable. #25023, @papagian
• Update to version 7.0.0 * Breaking changes - Removed PhantomJS: PhantomJS was deprecated in Grafana v6.4 and starting from Grafana v7.0.0, all PhantomJS support has been removed. This means that Grafana no longer ships with a built-in image renderer, and we advise you to install the Grafana Image Renderer plugin. - Dashboard: A global minimum dashboard refresh interval is now enforced and defaults to 5 seconds. - Interval calculation: There is now a new option Max data points that controls the auto interval $__interval calculation. Interval was previously calculated by dividing the panel width by the time range. With the new max data points option it is now easy to set $__interval to a dynamic value that is time range agnostic. For example if you set Max data points to 10 Grafana will dynamically set $__interval by dividing the current time range by 10. - Datasource/Loki: Support for deprecated Loki endpoints has been removed. - Backend plugins: Grafana now requires backend plugins to be signed, otherwise Grafana will not load/start them. This is an additional security measure to make sure backend plugin binaries and files haven't been tampered with. Refer to Upgrade Grafana for more information. - @grafana/ui: Forms migration notice, see @grafana/ui changelog - @grafana/ui: Select API change for creating custom values, see @grafana/ui changelog + Deprecation warnings - Scripted dashboards is now deprecated. The feature is not removed but will be in a future release. We hope to address the underlying requirement of dynamic dashboards in a different way. #24059 - The unofficial first version of backend plugins together with usage of grafana/grafana-plugin-model is now deprecated and support for that will be removed in a future release. Please refer to backend plugins documentation for information about the new officially supported backend plugins. * Features / Enhancements - Backend plugins: Log deprecation warning when using the unofficial first version of backend plugins. #24675, @marefr - Editor: New line on Enter, run query on Shift+Enter. #24654, @davkal - Loki: Allow multiple derived fields with the same name. #24437, @aocenas - Orgs: Add future deprecation notice. #24502, @torkelo * Bug Fixes - @grafana/toolkit: Use process.cwd() instead of PWD to get directory. #24677, @zoltanbedi - Admin: Makes long settings values line break in settings page. #24559, @hugohaggmark - Dashboard: Allow editing provisioned dashboard JSON and add confirmation when JSON is copied to dashboard. #24680, @dprokop - Dashboard: Fix for strange 'dashboard not found' errors when opening links in dashboard settings. #24416, @torkelo - Dashboard: Fix so default data source is selected when data source can't be found in panel editor. #24526, @mckn - Dashboard: Fixed issue changing a panel from transparent back to normal in panel editor. #24483, @torkelo - Dashboard: Make header names reflect the field name when exporting to CSV file from the the panel inspector. #24624, @peterholmberg - Dashboard: Make sure side pane is displayed with tabs by default in panel editor. #24636, @dprokop - Data source: Fix query/annotation help content formatting. #24687, @AgnesToulet - Data source: Fixes async mount errors. #24579, @Estrax - Data source: Fixes saving a data source without failure when URL doesn't specify a protocol. #24497, @aknuds1 - Explore/Prometheus: Show results of instant queries only in table. #24508, @ivanahuckova - Explore: Fix rendering of react query editors. #24593, @ivanahuckova - Explore: Fixes loading more logs in logs context view. #24135, @Estrax - Graphite: Fix schema and dedupe strategy in rollup indicators for Metrictank queries. #24685, @torkelo - Graphite: Makes query annotations work again. #24556, @hugohaggmark - Logs: Clicking 'Load more' from context overlay doesn't expand log row. #24299, @kaydelaney - Logs: Fix total bytes process calculation. #24691, @davkal - Org/user/team preferences: Fixes so UI Theme can be set back to Default. #24628, @AgnesToulet - Plugins: Fix manifest validation. #24573, @aknuds1 - Provisioning: Use proxy as default access mode in provisioning. #24669, @bergquist - Search: Fix select item when pressing enter and Grafana is served using a sub path. #24634, @tskarhed - Search: Save folder expanded state. #24496, @Clarity-89 - Security: Tag value sanitization fix in OpenTSDB data source. #24539, @rotemreiss - Table: Do not include angular options in options when switching from angular panel. #24684, @torkelo - Table: Fixed persisting column resize for time series fields. #24505, @torkelo - Table: Fixes Cannot read property subRows of null. #24578, @hugohaggmark - Time picker: Fixed so you can enter a relative range in the time picker without being converted to absolute range. #24534, @mckn - Transformations: Make transform dropdowns not cropped. #24615, @dprokop - Transformations: Sort order should be preserved as entered by user when using the reduce transformation. #24494, @hugohaggmark - Units: Adds scale symbol for currencies with suffixed symbol. #24678, @hugohaggmark - Variables: Fixes filtering options with more than 1000 entries. #24614, @hugohaggmark - Variables: Fixes so Textbox variables read value from url. #24623, @hugohaggmark - Zipkin: Fix error when span contains remoteEndpoint. #24524, @aocenas - SAML: Switch from email to login for user login attribute mapping (Enterprise)
• Update Makefile and spec file * Remove phantomJS patch from Makefile * Fix multiline strings in Makefile * Exclude s390 from SLE12 builds, golang 1.14 is not built for s390
• Add instructions for patching the Grafana javascript frontend.
• BuildRequires golang(API) instead of go metapackage version range * BuildRequires: golang(API) >= 1.14 from BuildRequires: ( go >= 1.14 with go < 1.15 )
• Update to version 6.7.3 - This version fixes bsc#1170557 and its corresponding CVE-2020-12245 - Admin: Fix Synced via LDAP message for non-LDAP external users. #23477, @alexanderzobnin - Alerting: Fixes notifications for alerts with empty message in Google Hangouts notifier. #23559, @hugohaggmark - AuthProxy: Fixes bug where long username could not be cached.. #22926, @jcmcken - Dashboard: Fix saving dashboard when editing raw dashboard JSON model. #23314, @peterholmberg - Dashboard: Try to parse 8 and 15 digit numbers as timestamps if parsing of time range as date fails. #21694, @jessetan - DashboardListPanel: Fixed problem with empty panel after going into edit mode (General folder filter being automatically added) . #23426, @torkelo - Data source: Handle datasource withCredentials option properly. #23380, @hvtuananh - Security: Fix annotation popup XSS vulnerability. #23813, @torkelo - Server: Exit Grafana with status code 0 if no error. #23312, @aknuds1 - TablePanel: Fix XSS issue in header column rename (backport). #23814, @torkelo - Variables: Fixes error when setting adhoc variable values. #23580, @hugohaggmark
• Update to version 6.7.2: (see installed changelog for the full list of changes) - BackendSrv: Adds config to response to fix issue for external plugins that used this property . #23032, @torkelo - Dashboard: Fixed issue with saving new dashboard after changing title . #23104, @dprokop - DataLinks: make sure we use the correct datapoint when dataset contains null value.. #22981, @mckn - Plugins: Fixed issue for plugins that imported dateMath util . #23069, @mckn - Security: Fix for dashboard snapshot original dashboard link could contain XSS vulnerability in url. #23254, @torkelo - Variables: Fixes issue with too many queries being issued for nested template variables after value change. #23220, @torkelo - Plugins: Expose promiseToDigest. #23249, @torkelo - Reporting (Enterprise): Fixes issue updating a report created by someone else
• Update to 6.7.1: (see installed changelog for the full list of changes) Bug Fixes - Azure: Fixed dropdowns not showing current value. #22914, @torkelo - BackendSrv: only add content-type on POST, PUT requests. #22910, @hugohaggmark - Panels: Fixed size issue with panel internal size when exiting panel edit mode. #22912, @torkelo - Reporting: fixes migrations compatibility with mysql (Enterprise) - Reporting: Reduce default concurrency limit to 4 (Enterprise)
• Update to 6.7.0: (see installed changelog for the full list of changes) Bug Fixes - AngularPanels: Fixed inner height calculation for angular panels . #22796, @torkelo - BackendSrv: makes sure provided headers are correctly recognized and set. #22778, @hugohaggmark - Forms: Fix input suffix position (caret-down in Select) . #22780, @torkelo - Graphite: Fixed issue with query editor and next select metric now showing after selecting metric node . #22856, @torkelo - Rich History: UX adjustments and fixes. #22729, @ivanahuckova
• Update to 6.7.0-beta1: Breaking changes - Slack: Removed Mention setting and instead introduce Mention Users, Mention Groups, and Mention Channel. The first two settings require user and group IDs, respectively. This change was necessary because the way of mentioning via the Slack API changed and mentions in Slack notifications no longer worked. - Alerting: Reverts the behavior of diff and percent_diff to not always be absolute. Something we introduced by mistake in 6.1.0. Alerting now support diff(), diff_abs(), percent_diff() and percent_diff_abs(). #21338 - Notice about changes in backendSrv for plugin authors In our mission to migrate away from AngularJS to React we have removed all AngularJS dependencies in the core data retrieval service backendSrv. Removing the AngularJS dependencies in backendSrv has the unfortunate side effect of AngularJS digest no longer being triggered for any request made with backendSrv. Because of this, external plugins using backendSrv directly may suffer from strange behaviour in the UI. To remedy this issue, as a plugin author you need to trigger the digest after a direct call to backendSrv. Bug Fixes API: Fix redirect issues. #22285, @papagian Alerting: Don't include image_url field with Slack message if empty. #22372, @aknuds1 Alerting: Fixed bad background color for default notifications in alert tab . #22660, @krvajal Annotations: In table panel when setting transform to annotation, they will now show up right away without a manual refresh. #22323, @krvajal Azure Monitor: Fix app insights source to allow for new __timeFrom and __timeTo. #21879, @ChadNedzlek BackendSrv: Fixes POST body for form data. #21714, @hugohaggmark CloudWatch: Credentials cache invalidation fix. #22473, @sunker CloudWatch: Expand alias variables when query yields no result. #22695, @sunker Dashboard: Fix bug with NaN in alerting. #22053, @a-melnyk Explore: Fix display of multiline logs in log panel and explore. #22057, @thomasdraebing Heatmap: Legend color range is incorrect when using custom min/max. #21748, @sv5d Security: Fixed XSS issue in dashboard history diff . #22680, @torkelo StatPanel: Fixes base color is being used for null values . #22646, @torkelo
• Update to version 6.6.2: (see installed changelog for the full list of changes)
• Update to version 6.6.1: (see installed changelog for the full list of changes)
• Update to version 6.6.0: (see installed changelog for the full list of changes)
• Update to version 6.5.3: (see installed changelog for the full list of changes)
• Update to version 6.5.2: (see installed changelog for the full list of changes)
• Update to version 6.5.1: (see installed changelog for the full list of changes)
• Update to version 6.5.0 (see installed changelog for the full list of changes)
• Update to version 6.4.5: * Create version 6.4.5 * CloudWatch: Fix high CPU load (#20579)
• Add obs-service-go_modules to download required modules into vendor.tar.gz
• Adjusted spec file to use vendor.tar.gz
• Adjusted Makefile to work with new filenames
• BuildRequire go1.14
• Update to version 6.4.4: * DataLinks: Fix blur issues. #19883, @aocenas * Docker: Makes it possible to parse timezones in the docker image. #20081, @xlson * LDAP: All LDAP servers should be tried even if one of them returns a connection error. #20077, @jongyllen * LDAP: No longer shows incorrectly matching groups based on role in debug page. #20018, @xlson * Singlestat: Fix no data / null value mapping . #19951, @ryantxu
• Revert the spec file and make script
• Remove PhantomJS dependency
• Update to 6.4.3 * Bug Fixes - Alerting: All notification channels should send even if one fails to send. #19807, @jan25 - AzureMonitor: Fix slate interference with dropdowns. #19799, @aocenas - ContextMenu: make ContextMenu positioning aware of the viewport width. #19699, @krvajal - DataLinks: Fix context menu not showing in singlestat-ish visualisations. #19809, @dprokop - DataLinks: Fix url field not releasing focus. #19804, @aocenas - Datasource: Fixes clicking outside of some query editors required 2 clicks. #19822, @aocenas - Panels: Fixes default tab for visualizations without Queries Tab. #19803, @hugohaggmark - Singlestat: Fixed issue with mapping null to text. #19689, @torkelo - @grafana/toolkit: Don't fail plugin creation when git user.name config is not set. #19821, @dprokop - @grafana/toolkit: TSLint line number off by 1. #19782, @fredwangwang
• Update to 6.4.2 * Bug Fixes - CloudWatch: Changes incorrect dimension wmlid to wlmid . #19679, @ATTron - Grafana Image Renderer: Fixes plugin page. #19664, @hugohaggmark - Graph: Fixes auto decimals logic for y axis ticks that results in too many decimals for high values. #19618, @torkelo - Graph: Switching to series mode should re-render graph. #19623, @torkelo - Loki: Fix autocomplete on label values. #19579, @aocenas - Loki: Removes live option for logs panel. #19533, @davkal - Profile: Fix issue with user profile not showing more than sessions sessions in some cases. #19578, @huynhsamha - Prometheus: Fixes so results in Panel always are sorted by query order. #19597, @hugohaggmark - ShareQuery: Fixed issue when using -- Dashboard -- datasource (to share query result) when dashboard had rows. #19610, @torkelo - Show SAML login button if SAML is enabled. #19591, @papagian - SingleStat: Fixes postfix/prefix usage. #19687, @hugohaggmark - Table: Proper handling of json data with dataframes. #19596, @marefr - Units: Fixed wrong id for Terabits/sec. #19611, @andreaslangnevyjel
• Changes from 6.4.1 * Bug Fixes - Provisioning: Fixed issue where empty nested keys in YAML provisioning caused a server crash, #19547 - ImageRendering: Fixed issue with image rendering in enterprise build (Enterprise) - Reporting: Fixed issue with reporting service when STMP was disabled (Enterprise).
• Changes from 6.4.0 * Features / Enhancements - Build: Upgrade go to 1.12.10. #19499, @marefr - DataLinks: Suggestions menu improvements. #19396, @dprokop - Explore: Take root_url setting into account when redirecting from dashboard to explore. #19447, @ivanahuckova - Explore: Update broken link to logql docs. #19510, @ivanahuckova - Logs: Adds Logs Panel as a visualization. #19504, @davkal * Bug Fixes - CLI: Fix version selection for plugin install. #19498, @aocenas - Graph: Fixes minor issue with series override color picker and custom color . #19516, @torkelo
• Changes from 6.4.0 Beta 2 * Features / Enhancements - Azure Monitor: Remove support for cross resource queries (#19115)'. #19346, @sunker - Docker: Upgrade packages to resolve reported vulnerabilities. #19188, @marefr - Graphite: Time range expansion reduced from 1 minute to 1 second. #19246, @torkelo - grafana/toolkit: Add plugin creation task. #19207, @dprokop * Bug Fixes - Alerting: Prevents creating alerts from unsupported queries. #19250, @hugohaggmark - Alerting: Truncate PagerDuty summary when greater than 1024 characters. #18730, @nvllsvm - Cloudwatch: Fix autocomplete for Gamelift dimensions. #19146, @kevinpz - Dashboard: Fix export for sharing when panels use default data source. #19315, @torkelo - Database: Rewrite system statistics query to perform better. #19178, @papagian - Gauge/BarGauge: Fix issue with [object Object] in titles . #19217, @ryantxu - MSSQL: Revert usage of new connectionstring format introduced by #18384. #19203, @marefr - Multi-LDAP: Do not fail-fast on invalid credentials. #19261, @gotjosh - MySQL, Postgres, MSSQL: Fix validating query with template variables in alert . #19237, @marefr - MySQL, Postgres: Update raw sql when query builder updates. #19209, @marefr - MySQL: Limit datasource error details returned from the backend. #19373, @marefr
• Changes from 6.4.0 Beta 1 * Features / Enhancements - API: Readonly datasources should not be created via the API. #19006, @papagian - Alerting: Include configured AlertRuleTags in Webhooks notifier. #18233, @dominic-miglar - Annotations: Add annotations support to Loki. #18949, @aocenas - Annotations: Use a single row to represent a region. #17673, @ryantxu - Auth: Allow inviting existing users when login form is disabled. #19048, @548017 - Azure Monitor: Add support for cross resource queries. #19115, @sunker - CLI: Allow installing custom binary plugins. #17551, @aocenas - Dashboard: Adds Logs Panel (alpha) as visualization option for Dashboards. #18641, @hugohaggmark - Dashboard: Reuse query results between panels . #16660, @ryantxu - Dashboard: Set time to to 23:59:59 when setting To time using calendar. #18595, @simPod - DataLinks: Add DataLinks support to Gauge, BarGauge and SingleStat2 panel. #18605, @ryantxu - DataLinks: Enable access to labels & field names. #18918, @torkelo - DataLinks: Enable multiple data links per panel. #18434, @dprokop - Docker: switch docker image to alpine base with phantomjs support. #18468, @DanCech - Elasticsearch: allow templating queries to order by doc_count. #18870, @hackery - Explore: Add throttling when doing live queries. #19085, @aocenas - Explore: Adds ability to go back to dashboard, optionally with query changes. #17982, @kaydelaney - Explore: Reduce default time range to last hour. #18212, @davkal - Gauge/BarGauge: Support decimals for min/max. #18368, @ryantxu - Graph: New series override transform constant that renders a single point as a line across the whole graph. #19102, @davkal - Image rendering: Add deprecation warning when PhantomJS is used for rendering images. #18933, @papagian - InfluxDB: Enable interpolation within ad-hoc filter values. #18077, @kvc-code - LDAP: Allow an user to be synchronized against LDAP. #18976, @gotjosh - Ldap: Add ldap debug page. #18759, @peterholmberg - Loki: Remove prefetching of default label values. #18213, @davkal - Metrics: Add failed alert notifications metric. #18089, @koorgoo - OAuth: Support JMES path lookup when retrieving user email. #14683, @bobmshannon - OAuth: return GitLab groups as a part of user info (enable team sync). #18388, @alexanderzobnin - Panels: Add unit for electrical charge - ampere-hour. #18950, @anirudh-ramesh - Plugin: AzureMonitor - Reapply MetricNamespace support. #17282, @raphaelquati - Plugins: better warning when plugins fail to load. #18671, @ryantxu - Postgres: Add support for scram sha 256 authentication. #18397, @nonamef - RemoteCache: Support SSL with Redis. #18511, @kylebrandt - SingleStat: The gauge option in now disabled/hidden (unless it's an old panel with it already enabled) . #18610, @ryantxu - Stackdriver: Add extra alignment period options. #18909, @sunker - Units: Add South African Rand (ZAR) to currencies. #18893, @jeteon - Units: Adding T,P,E,Z,and Y bytes. #18706, @chiqomar * Bug Fixes - Alerting: Notification is sent when state changes from no_data to ok. #18920, @papagian - Alerting: fix duplicate alert states when the alert fails to save to the database. #18216, @kylebrandt - Alerting: fix response popover prompt when add notification channels. #18967, @lzdw - CloudWatch: Fix alerting for queries with Id (using GetMetricData). #17899, @alex-berger - Explore: Fix auto completion on label values for Loki. #18988, @aocenas - Explore: Fixes crash using back button with a zoomed in graph. #19122, @hugohaggmark - Explore: Fixes so queries in Explore are only run if Graph/Table is shown. #19000, @hugohaggmark - MSSQL: Change connectionstring to URL format to fix using passwords with semicolon. #18384, @Russiancold - MSSQL: Fix memory leak when debug enabled. #19049, @briangann - Provisioning: Allow escaping literal '$' with '$$' in configs to avoid interpolation. #18045, @kylebrandt - TimePicker: Fixes hiding time picker dropdown in FireFox. #19154, @hugohaggmark * Breaking changes + Annotations There are some breaking changes in the annotations HTTP API for region annotations. Region annotations are now represented using a single event instead of two seperate events. Check breaking changes in HTTP API below and HTTP API documentation for more details. + Docker Grafana is now using Alpine 3.10 as docker base image. + HTTP API - GET /api/alert-notifications now requires at least editor access. New /api/alert-notifications/lookup returns less information than /api/alert-notifications and can be access by any authenticated user. - GET /api/alert-notifiers now requires at least editor access - GET /api/org/users now requires org admin role. New /api/org/users/lookup returns less information than /api/org/users and can be access by users that are org admins, admin in any folder or admin of any team. - GET /api/annotations no longer returns regionId property. - POST /api/annotations no longer supports isRegion property. - PUT /api/annotations/:id no longer supports isRegion property. - PATCH /api/annotations/:id no longer supports isRegion property. - DELETE /api/annotations/region/:id has been removed. * Deprecation notes + PhantomJS - PhantomJS, which is used for rendering images of dashboards and panels, is deprecated and will be removed in a future Grafana release. A deprecation warning will from now on be logged when Grafana starts up if PhantomJS is in use. Please consider migrating from PhantomJS to the Grafana Image Renderer plugin.
• Changes from 6.3.6 * Features / Enhancements - Metrics: Adds setting for turning off total stats metrics. #19142, @marefr * Bug Fixes - Database: Rewrite system statistics query to perform better. #19178, @papagian - Explore: Fixes error when switching from prometheus to loki data sources. #18599, @kaydelaney
• Rebase package spec. Use mostly from fedora, fix suse specified things and fix some errors.
• Add missing directories provisioning/datasources and provisioning/notifiers and sample.yaml as described in packaging/rpm/control from upstream. Missing directories are shown in logfiles.
• Version 6.3.5 * Upgrades + Build: Upgrade to go 1.12.9. * Bug Fixes + Dashboard: Fixes dashboards init failed loading error for dashboards with panel links that had missing properties. + Editor: Fixes issue where only entire lines were being copied. + Explore: Fixes query field layout in splitted view for Safari browsers. + LDAP: multildap + ldap integration. + Profile/UserAdmin: Fix for user agent parser crashes grafana-server on 32-bit builds. + Prometheus: Prevents panel editor crash when switching to Prometheus datasource. + Prometheus: Changes brace-insertion behavior to be less annoying.
• Version 6.3.4 * Security: CVE-2019-15043 - Parts of the HTTP API allow unauthenticated use.
• Version 6.3.3 * Bug Fixes + Annotations: Fix failing annotation query when time series query is cancelled. #18532 1, @dprokop 1 + Auth: Do not set SameSite cookie attribute if cookie_samesite is none. #18462 1, @papagian 3 + DataLinks: Apply scoped variables to data links correctly. #18454 1, @dprokop 1 + DataLinks: Respect timezone when displaying datapoint’s timestamp in graph context menu. #18461 2, @dprokop 1 + DataLinks: Use datapoint timestamp correctly when interpolating variables. #18459 1, @dprokop 1 + Explore: Fix loading error for empty queries. #18488 1, @davkal + Graph: Fixes legend issue clicking on series line icon and issue with horizontal scrollbar being visible on windows. #18563 1, @torkelo 2 + Graphite: Avoid glob of single-value array variables . #18420, @gotjosh + Prometheus: Fix queries with label_replace remove the $1 match when loading query editor. #18480 5, @hugohaggmark 3 + Prometheus: More consistently allows for multi-line queries in editor. #18362 2, @kaydelaney 2 + TimeSeries: Assume values are all numbers. #18540 4, @ryantxu
• Version 6.3.2 * Bug Fixes + Gauge/BarGauge: Fixes issue with losts thresholds and issue loading Gauge with avg stat. #18375 12
• Version 6.3.1 * Bug Fixes + PanelLinks: Fix crash issue Gauge & Bar Gauge for panels with panel links (drill down links). #18430 2
• Version 6.3.0 * Features / Enhancements + OAuth: Do not set SameSite OAuth cookie if cookie_samesite is None. #18392 4, @papagian 3 + Auth Proxy: Include additional headers as part of the cache key. #18298 6, @gotjosh + Build grafana images consistently. #18224 12, @hassanfarid + Docs: SAML. #18069 11, @gotjosh + Permissions: Show plugins in nav for non admin users but hide plugin configuration. #18234 1, @aocenas + TimePicker: Increase max height of quick range dropdown. #18247 2, @torkelo 2 + Alerting: Add tags to alert rules. #10989 13, @Thib17 1 + Alerting: Attempt to send email notifications to all given email addresses. #16881 1, @zhulongcheng + Alerting: Improve alert rule testing. #16286 2, @marefr + Alerting: Support for configuring content field for Discord alert notifier. #17017 2, @jan25 + Alertmanager: Replace illegal chars with underscore in label names. #17002 5, @bergquist 1 + Auth: Allow expiration of API keys. #17678, @papagian 3 + Auth: Return device, os and browser when listing user auth tokens in HTTP API. #17504, @shavonn 1 + Auth: Support list and revoke of user auth tokens in UI. #17434 2, @shavonn 1 + AzureMonitor: change clashing built-in Grafana variables/macro names for Azure Logs. #17140, @shavonn 1 + CloudWatch: Made region visible for AWS Cloudwatch Expressions. #17243 2, @utkarshcmu + Cloudwatch: Add AWS DocDB metrics. #17241, @utkarshcmu + Dashboard: Use timezone dashboard setting when exporting to CSV. #18002 1, @dehrax + Data links. #17267 11, @torkelo 2 + Docker: Switch base image to ubuntu:latest from debian:stretch to avoid security issues… #17066 5, @bergquist 1 + Elasticsearch: Support for visualizing logs in Explore . #17605 7, @marefr + Explore: Adds Live option for supported datasources. #17062 1, @hugohaggmark 3 + Explore: Adds orgId to URL for sharing purposes. #17895 1, @kaydelaney 2 + Explore: Adds support for new loki ‘start’ and ‘end’ params for labels endpoint. #17512, @kaydelaney 2 + Explore: Adds support for toggling raw query mode in explore. #17870, @kaydelaney 2 + Explore: Allow switching between metrics and logs . #16959 2, @marefr + Explore: Combines the timestamp and local time columns into one. #17775, @hugohaggmark 3 + Explore: Display log lines context . #17097, @dprokop 1 + Explore: Don’t parse log levels if provided by field or label. #17180 1, @marefr + Explore: Improves performance of Logs element by limiting re-rendering. #17685, @kaydelaney 2 + Explore: Support for new LogQL filtering syntax. #16674 4, @davkal + Explore: Use new TimePicker from Grafana/UI. #17793, @hugohaggmark 3 + Explore: handle newlines in LogRow Highlighter. #17425, @rrfeng 1 + Graph: Added new fill gradient option. #17528 3, @torkelo 2 + GraphPanel: Don’t sort series when legend table & sort column is not visible . #17095, @shavonn 1 + InfluxDB: Support for visualizing logs in Explore. #17450 9, @hugohaggmark 3 + Logging: Login and Logout actions (#17760). #17883 1, @ATTron + Logging: Move log package to pkg/infra. #17023, @zhulongcheng + Metrics: Expose stats about roles as metrics. #17469 2, @bergquist 1 + MySQL/Postgres/MSSQL: Add parsing for day, weeks and year intervals in macros. #13086 6, @bernardd + MySQL: Add support for periodically reloading client certs. #14892, @tpetr + Plugins: replace dataFormats list with skipDataQuery flag in plugin.json. #16984, @ryantxu + Prometheus: Take timezone into account for step alignment. #17477, @fxmiii + Prometheus: Use overridden panel range for $__range instead of dashboard range. #17352, @patrick246 + Prometheus: added time range filter to series labels query. #16851 3, @FUSAKLA + Provisioning: Support folder that doesn’t exist yet in dashboard provisioning. #17407 1, @Nexucis + Refresh picker: Handle empty intervals. #17585 1, @dehrax + Singlestat: Add y min/max config to singlestat sparklines. #17527 4, @pitr + Snapshot: use given key and deleteKey. #16876, @zhulongcheng + Templating: Correctly display __text in multi-value variable after page reload. #17840 1, @EduardSergeev + Templating: Support selecting all filtered values of a multi-value variable. #16873 2, @r66ad + Tracing: allow propagation with Zipkin headers. #17009 4, @jrockway + Users: Disable users removed from LDAP. #16820 2, @alexanderzobnin * Bug Fixes + PanelLinks: Fix render issue when there is no panel description. #18408 3, @dehrax + OAuth: Fix “missing saved state” OAuth login failure due to SameSite cookie policy. #18332 1, @papagian 3 + cli: fix for recognizing when in dev mode… #18334, @xlson + DataLinks: Fixes incorrect interpolation of ${__series_name} . #18251 1, @torkelo 2 + Loki: Display live tailed logs in correct order in Explore. #18031 3, @kaydelaney 2 + PhantomJS: Fixes rendering on Debian Buster. #18162 2, @xlson + TimePicker: Fixed style issue for custom range popover. #18244, @torkelo 2 + Timerange: Fixes a bug where custom time ranges didn’t respect UTC. #18248 1, @kaydelaney 2 + remote_cache: Fix redis connstr parsing. #18204 1, @mblaschke + AddPanel: Fix issue when removing moved add panel widget . #17659 2, @dehrax + CLI: Fix encrypt-datasource-passwords fails with sql error. #18014, @marefr + Elasticsearch: Fix default max concurrent shard requests. #17770 4, @marefr + Explore: Fix browsing back to dashboard panel. #17061, @jschill + Explore: Fix filter by series level in logs graph. #17798, @marefr + Explore: Fix issues when loading and both graph/table are collapsed. #17113, @marefr + Explore: Fix selection/copy of log lines. #17121, @marefr + Fix: Wrap value of multi variable in array when coming from URL. #16992 1, @aocenas + Frontend: Fix for Json tree component not working. #17608, @srid12 + Graphite: Fix for issue with alias function being moved last. #17791, @torkelo 2 + Graphite: Fixes issue with seriesByTag & function with variable param. #17795, @torkelo 2 + Graphite: use POST for /metrics/find requests. #17814 2, @papagian 3 + HTTP Server: Serve Grafana with a custom URL path prefix. #17048 6, @jan25 + InfluxDB: Fixes single quotes are not escaped in label value filters. #17398 1, @Panzki + Prometheus: Correctly escape ‘|’ literals in interpolated PromQL variables. #16932, @Limess + Prometheus: Fix when adding label for metrics which contains colons in Explore. #16760, @tolwi + SinglestatPanel: Remove background color when value turns null. #17552 1, @druggieri
• Make phantomjs dependency configurable
• Create plugin directory and clean up (create in %install, add to %files) handling of /var/lib/grafana/* and

• Calculate relative path for kernel and inited when generating grub entry (bsc#1170231)
• Fix os-release version detection for SUSE

• Remove commented code in test files
• Replace spacewalk-usix with uyuni-common-libs
• Bump version to 4.1.0 (bsc#1154940)
• Add mgr manpage links

• Bump version to 4.1.0 (bsc#1154940)

• Bump version to 4.1.0 (bsc#1154940)
• Fix systemd timer configuration on SLE12 (bsc#1142038)

• Separate osa-dispatcher and jabberd so it can be disabled independently
• Replace spacewalk-usix with uyuni-common-libs
• Bump version to 4.1.0 (bsc#1154940)
• Move /usr/share/rhn/config-defaults to uyuni-base-common
• Require uyuni-base-common for /etc/rhn (for osa-dispatcher)
• Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

• Replace spacewalk-usix and spacewalk-backend-libs with uyuni-common-libs
• Bump version to 4.1.0 (bsc#1154940)

• Replace spacewalk-usix with uyuni-common-libs
• Bump version to 4.1.0 (bsc#1154940)
• Fix mgr-virtualization timer

• Fix building
• Fix malformed XML response when data contains non-ASCII chars (bsc#1154968)
• Bump version to 4.1.0 (bsc#1154940)
• Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)

• Only report real error, not result (bsc#1171687)
• Use defined return values for spacecmd methods so scripts can check for failure (bsc#1171687)
• Disable globbing for api subcommand to allow wildcards in filter settings (bsc#1163871)
• Bugfix: attempt to purge SSM when it is empty (bsc#1155372)
• Bump version to 4.1.0 (bsc#1154940)
• Prevent error when piping stdout in Python 2 (bsc#1153090)
• Java api expects content as encoded string instead of encoded bytes like before (bsc#1153277)
• Enable building and installing for Ubuntu 16.04 and Ubuntu 18.04
• Add unit test for schedule, errata, user, utils, misc, configchannel and kickstart modules
• Multiple minor bugfixes alongside the unit tests
• Bugfix: referenced variable before assignment.
• Add unit test for report, package, org, repo and group

• Add workaround for uptime overflow to spacewalk-update-status as well (bsc#1165921)
• Spell correctly 'successful' and 'successfully'
• Skip dmidecode data on aarch64 to prevent coredump (bsc#1113160)
• Replace spacewalk-usix with uyuni-common-libs
• Return a non-zero exit status on errors in rhn_check
• Bump version to 4.1.0 (bsc#1154940)
• Make a explicit requirement to systemd for spacewalk-client-tools when rhnsd timer is installed

• Bump version to 4.1.0 (bsc#1154940)
• Require commands we use in merge-rd.sh

• Bump version to 4.1.0 (bsc#1154940)

• Update spacewalk-create-channel with RHEL 7.7 channel definitions
• Bump version to 4.1.0 (bsc#1154940)

• Bump version to 4.1.0 (bsc#1154940)

• SuseRegisterInfo only needs perl-base, not full perl (bsc#1168310)
• Bump version to 4.1.0 (bsc#1154940)

• 1.0.7
• Prevent issue with non-ASCII characters in Python 2 systems (bsc#1172462)

This update fixes the following issues:
POS_Image-Graphical7:

• Add plymouth-plugin-label-ft package to all *7 templates and set them to be of SLE15SP2 version
• Add optional dracut-wireless comment section and move wpa_suplicant there

• Add plymouth-plugin-label-ft package to all *7 templates and set them to be of SLE15SP2 version
• Add optional dracut-wireless comment section and move wpa_suplicant there

• Use automatic RAID assembly only in the first phase before start of salt

• Make sure ifup is scheduled (bsc#1173149)

• Add support for Prometheus exporters proxy

• Move uyuni-base-common dependency from mgr-osad to mgr-osa-dispatcher (bsc#1174405)

• Fix softwarechannel update for vendor channels (bsc#1172709)
• Fix escaping of package names (bsc#1171281)

• Use the 4.1 image to fix tests

• Enhance RedHat product detection for CentOS and OracleLinux (bsc#1173584)

• Fix issues importing RPM packages with long RPM headers (bsc#1174965)

This Maintenance update for SUSE Manager fixes the following issue:

• Add requires for fillup, groupadd, useradd, systemd (bsc#1175946)

This update for golang-github-prometheus-prometheus to version 2.18.0 fixes the following issues:

• Fixed some building issues (bsc#1175478)
• prometheus components systemd units should depend on network target (bsc#1143913).

• Changes from 2.17.2 + Bug fixes * Federation: Register federation metrics #7081 * PromQL: Fix panic in parser error handling #7132 * Rules: Fix reloads hanging when deleting a rule group that is being evaluated #7138 * TSDB: Fix a memory leak when prometheus starts with an empty TSDB WAL #7135 * TSDB: Make isolation more robust to panics in web handlers #7129 #7136
• Changes from 2.17.1 + Bug fixes * TSDB: Fix query performance regression that increased memory and CPU usage #7051
• Changes from 2.17.0 + Features * TSDB: Support isolation #6841 * This release implements isolation in TSDB. API queries and recording rules are guaranteed to only see full scrapes and full recording rules. This comes with a certain overhead in resource usage. Depending on the situation, there might be some increase in memory usage, CPU usage, or query latency. + Enhancements * PromQL: Allow more keywords as metric names #6933 * React UI: Add normalization of localhost URLs in targets page #6794 * Remote read: Read from remote storage concurrently #6770 * Rules: Mark deleted rule series as stale after a reload #6745 * Scrape: Log scrape append failures as debug rather than warn #6852 * TSDB: Improve query performance for queries that partially hit the head #6676 * Consul SD: Expose service health as meta label #5313 * EC2 SD: Expose EC2 instance lifecycle as meta label #6914 * Kubernetes SD: Expose service type as meta label for K8s service role #6684 * Kubernetes SD: Expose label_selector and field_selector #6807 * Openstack SD: Expose hypervisor id as meta label #6962 + Bug fixes * PromQL: Do not escape HTML-like chars in query log #6834 #6795 * React UI: Fix data table matrix values #6896 * React UI: Fix new targets page not loading when using non-ASCII characters #6892 * Remote read: Fix duplication of metrics read from remote storage with external labels #6967 #7018 * Remote write: Register WAL watcher and live reader metrics for all remotes, not just the first one #6998 * Scrape: Prevent removal of metric names upon relabeling #6891 * Scrape: Fix 'superfluous response.WriteHeader call' errors when scrape fails under some circonstances #6986 * Scrape: Fix crash when reloads are separated by two scrape intervals #7011
• Changes from 2.16.0 + Features * React UI: Support local timezone on /graph #6692 * PromQL: add absent_over_time query function #6490 * Adding optional logging of queries to their own file #6520 + Enhancements * React UI: Add support for rules page and 'Xs ago' duration displays #6503 * React UI: alerts page, replace filtering togglers tabs with checkboxes #6543 * TSDB: Export metric for WAL write errors #6647 * TSDB: Improve query performance for queries that only touch the most recent 2h of data. #6651 * PromQL: Refactoring in parser errors to improve error messages #6634 * PromQL: Support trailing commas in grouping opts #6480 * Scrape: Reduce memory usage on reloads by reusing scrape cache #6670 * Scrape: Add metrics to track bytes and entries in the metadata cache #6675 * promtool: Add support for line-column numbers for invalid rules output #6533 * Avoid restarting rule groups when it is unnecessary #6450 + Bug fixes * React UI: Send cookies on fetch() on older browsers #6553 * React UI: adopt grafana flot fix for stacked graphs #6603 * React UI: broken graph page browser history so that back button works as expected #6659 * TSDB: ensure compactionsSkipped metric is registered, and log proper error if one is returned from head.Init #6616 * TSDB: return an error on ingesting series with duplicate labels #6664 * PromQL: Fix unary operator precedence #6579 * PromQL: Respect query.timeout even when we reach query.max-concurrency #6712 * PromQL: Fix string and parentheses handling in engine, which affected React UI #6612 * PromQL: Remove output labels returned by absent() if they are produced by multiple identical label matchers #6493 * Scrape: Validate that OpenMetrics input ends with `# EOF` #6505 * Remote read: return the correct error if configs can't be marshal'd to JSON #6622 * Remote write: Make remote client `Store` use passed context, which can affect shutdown timing #6673 * Remote write: Improve sharding calculation in cases where we would always be consistently behind by tracking pendingSamples #6511 * Ensure prometheus_rule_group metrics are deleted when a rule group is removed #6693
• Changes from 2.15.2 + Bug fixes * TSDB: Fixed support for TSDB blocks built with Prometheus before 2.1.0. #6564 * TSDB: Fixed block compaction issues on Windows. #6547
• Changes from 2.15.1 + Bug fixes * TSDB: Fixed race on concurrent queries against same data. #6512
• Changes from 2.15.0 + Features * API: Added new endpoint for exposing per metric metadata `/metadata`. #6420 #6442 + Changes * Discovery: Removed `prometheus_sd_kubernetes_cache_*` metrics. Additionally `prometheus_sd_kubernetes_workqueue_latency_seconds` and `prometheus_sd_kubernetes_workqueue_work_duration_seconds` metrics now show correct values in seconds. #6393 * Remote write: Changed `query` label on `prometheus_remote_storage_*` metrics to `remote_name` and `url`. #6043 + Enhancements * TSDB: Significantly reduced memory footprint of loaded TSDB blocks. #6418 #6461 * TSDB: Significantly optimized what we buffer during compaction which should result in lower memory footprint during compaction. #6422 #6452 #6468 #6475 * TSDB: Improve replay latency. #6230 * TSDB: WAL size is now used for size based retention calculation. #5886 * Remote read: Added query grouping and range hints to the remote read request #6401 * Remote write: Added `prometheus_remote_storage_sent_bytes_total` counter per queue. #6344 * promql: Improved PromQL parser performance. #6356 * React UI: Implemented missing pages like `/targets` #6276, TSDB status page #6281 #6267 and many other fixes and performance improvements. * promql: Prometheus now accepts spaces between time range and square bracket. e.g `[ 5m]` #6065 + Bug fixes * Config: Fixed alertmanager configuration to not miss targets when configurations are similar. #6455 * Remote write: Value of `prometheus_remote_storage_shards_desired` gauge shows raw value of desired shards and it's updated correctly. #6378 * Rules: Prometheus now fails the evaluation of rules and alerts where metric results collide with labels specified in `labels` field. #6469 * API: Targets Metadata API `/targets/metadata` now accepts empty `match_targets` parameter as in the spec. #6303
• Changes from 2.14.0 + Features * API: `/api/v1/status/runtimeinfo` and `/api/v1/status/buildinfo` endpoints added for use by the React UI. #6243 * React UI: implement the new experimental React based UI. #5694 and many more * Can be found by under `/new`. * Not all pages are implemented yet. * Status: Cardinality statistics added to the Runtime & Build Information page. #6125 + Enhancements * Remote write: fix delays in remote write after a compaction. #6021 * UI: Alerts can be filtered by state. #5758 + Bug fixes * Ensure warnings from the API are escaped. #6279 * API: lifecycle endpoints return 403 when not enabled. #6057 * Build: Fix Solaris build. #6149 * Promtool: Remove false duplicate rule warnings when checking rule files with alerts. #6270 * Remote write: restore use of deduplicating logger in remote write. #6113 * Remote write: do not reshard when unable to send samples. #6111 * Service discovery: errors are no longer logged on context cancellation. #6116, #6133 * UI: handle null response from API properly. #6071
• Changes from 2.13.1 + Bug fixes * Fix panic in ARM builds of Prometheus. #6110 * promql: fix potential panic in the query logger. #6094 * Multiple errors of http: superfluous response.WriteHeader call in the logs. #6145
• Changes from 2.13.0 + Enhancements * Metrics: renamed prometheus_sd_configs_failed_total to prometheus_sd_failed_configs and changed to Gauge #5254 * Include the tsdb tool in builds. #6089 * Service discovery: add new node address types for kubernetes. #5902 * UI: show warnings if query have returned some warnings. #5964 * Remote write: reduce memory usage of the series cache. #5849 * Remote read: use remote read streaming to reduce memory usage. #5703 * Metrics: added metrics for remote write max/min/desired shards to queue manager. #5787 * Promtool: show the warnings during label query. #5924 * Promtool: improve error messages when parsing bad rules. #5965 * Promtool: more promlint rules. #5515 + Bug fixes * UI: Fix a Stored DOM XSS vulnerability with query history [CVE-2019-10215](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10215). #6098 * Promtool: fix recording inconsistency due to duplicate labels. #6026 * UI: fixes service-discovery view when accessed from unhealthy targets. #5915 * Metrics format: OpenMetrics parser crashes on short input. #5939 * UI: avoid truncated Y-axis values. #6014
• Changes from 2.12.0 + Features * Track currently active PromQL queries in a log file. #5794 * Enable and provide binaries for `mips64` / `mips64le` architectures. #5792 + Enhancements * Improve responsiveness of targets web UI and API endpoint. #5740 * Improve remote write desired shards calculation. #5763 * Flush TSDB pages more precisely. tsdb#660 * Add `prometheus_tsdb_retention_limit_bytes` metric. tsdb#667 * Add logging during TSDB WAL replay on startup. tsdb#662 * Improve TSDB memory usage. tsdb#653, tsdb#643, tsdb#654, tsdb#642, tsdb#627 + Bug fixes * Check for duplicate label names in remote read. #5829 * Mark deleted rules' series as stale on next evaluation. #5759 * Fix JavaScript error when showing warning about out-of-sync server time. #5833 * Fix `promtool test rules` panic when providing empty `exp_labels`. #5774 * Only check last directory when discovering checkpoint number. #5756 * Fix error propagation in WAL watcher helper functions. #5741 * Correctly handle empty labels from alert templates. #5845

• Update to Prometheus 2.11.2

• Build with PIE

• Only package required files (reduces rpm size by 4 MB)
• Add sysconfig file
• Add firewall config file
• Use variables for defining user and group

• Add support for Uyuni/SUSE Manager service discovery

• readded _service file removed in error.
• Update to 2.11.1 + Bug Fix: * Fix potential panic when prometheus is watching multiple zookeeper paths.
• Update to 2.11.0 + Bug Fix: * resolve race condition in maxGauge. * Fix ZooKeeper connection leak. * Improved atomicity of .tmp block replacement during compaction for usual case. * Fix 'unknown series references' after clean shutdown. * Re-calculate block size when calling block.Delete. * Fix unsafe snapshots with head block. * prometheus_tsdb_compactions_failed_total is now incremented on any compaction failure. + Changes: * Remove max_retries from queue_config (it has been unused since rewriting remote-write to utilize the write-ahead-log) * The meta file BlockStats no longer holds size information. This is now dynamically calculated and kept in memory. It also includes the meta file size which was not included before * Renamed metric from prometheus_tsdb_wal_reader_corruption_errors to prometheus_tsdb_wal_reader_corruption_errors_total + Features: * Add option to use Alertmanager API v2. * Added humanizePercentage function for templates. * Include InitContainers in Kubernetes Service Discovery. * Provide option to compress WAL records using Snappy. + Enhancements: * Create new clean segment when starting the WAL. * Reduce allocations in PromQL aggregations. * Add storage warnings to LabelValues and LabelNames API results. * Add prometheus_http_requests_total metric. * Enable openbsd/arm build. * Remote-write allocation improvements. * Query performance improvement: Efficient iteration and search in HashForLabels and HashWithoutLabels. * Allow injection of arbitrary headers in promtool. * Allow passing external_labels in alert unit tests groups. * Allows globs for rules when unit testing. * Improved postings intersection matching. * Reduced disk usage for WAL for small setups. * Optimize queries using regexp for set lookups.

• Update to 2.10.0: + Bug Fixes: * TSDB: Don't panic when running out of disk space and recover nicely from the condition * TSDB: Correctly handle empty labels. * TSDB: Don't crash on an unknown tombstone reference. * Storage/remote: Remove queue-manager specific metrics if queue no longer exists. * PromQL: Correctly display {__name__='a'}. * Discovery/kubernetes: Use service rather than ingress as the name for the service workqueue. * Discovery/azure: Don't panic on a VM with a public IP. * Web: Fixed Content-Type for js and css instead of using /etc/mime.types. * API: Encode alert values as string to correctly represent Inf/NaN. + Features: * Template expansion: Make external labels available as $externalLabels in alert and console template expansion. * TSDB: Add prometheus_tsdb_wal_segment_current metric for the WAL segment index that TSDB is currently writing to. tsdb * Scrape: Add scrape_series_added per-scrape metric. #5546 + Enhancements * Discovery/kubernetes: Add labels __meta_kubernetes_endpoint_node_name and __meta_kubernetes_endpoint_hostname. * Discovery/azure: Add label __meta_azure_machine_public_ip. * TSDB: Simplify mergedPostings.Seek, resulting in better performance if there are many posting lists. tsdb * Log filesystem type on startup. * Cmd/promtool: Use POST requests for Query and QueryRange. client_golang * Web: Sort alerts by group name. * Console templates: Add convenience variables $rawParams, $params, $path.
• Upadte to 2.9.2 + Bug Fixes: * Make sure subquery range is taken into account for selection * Exhaust every request body before closing it * Cmd/promtool: return errors from rule evaluations * Remote Storage: string interner should not panic in release * Fix memory allocation regression in mergedPostings.Seek tsdb
• Update to 2.9.1 + Bug Fixes: * Discovery/kubernetes: fix missing label sanitization * Remote_write: Prevent reshard concurrent with calling stop
• Update to 2.9.0 + Feature: * Add honor_timestamps scrape option. + Enhancements: * Update Consul to support catalog.ServiceMultipleTags. * Discovery/kubernetes: add present labels for labels/annotations. * OpenStack SD: Add ProjectID and UserID meta labels. * Add GODEBUG and retention to the runtime page. * Add support for POSTing to /series endpoint. * Support PUT methods for Lifecycle and Admin APIs. * Scrape: Add global jitter for HA server. * Check for cancellation on every step of a range evaluation. * String interning for labels & values in the remote_write path. * Don't lose the scrape cache on a failed scrape. * Reload cert files from disk automatically. common * Use fixed length millisecond timestamp format for logs. common * Performance improvements for postings. Bug Fixes: * Remote Write: fix checkpoint reading. * Check if label value is valid when unmarshaling external labels from YAML. * Promparse: sort all labels when parsing. * Reload rules: copy state on both name and labels. * Exponentation operator to drop metric name in result of operation. * Config: resolve more file paths. * Promtool: resolve relative paths in alert test files. * Set TLSHandshakeTimeout in HTTP transport. common * Use fsync to be more resilient to machine crashes. * Keep series that are still in WAL in checkpoints.
• Update to 2.8.1 + Bug Fixes * Display the job labels in /targets which was removed accidentally
• Update to 2.8.0 + Change: * This release uses Write-Ahead Logging (WAL) for the remote_write API. This currently causes a slight increase in memory usage, which will be addressed in future releases. * Default time retention is used only when no size based retention is specified. These are flags where time retention is specified by the flag --storage.tsdb.retention and size retention by --storage.tsdb.retention.size. * prometheus_tsdb_storage_blocks_bytes_total is now prometheus_tsdb_storage_blocks_bytes. + Feature: * (EXPERIMENTAL) Time overlapping blocks are now allowed; vertical compaction and vertical query merge. It is an optional feature which is controlled by the --storage.tsdb.allow-overlapping-blocks flag, disabled by default. + Enhancements:

This update fixes the following issues:
POS_Image-Graphical7:

• Set wicked to use plain mac address for computing DHCP DUID (bsc#1173268)

• Set wicked to use plain mac address for computing DHCP DUID (bsc#1173268)

• Set wicked to use plain mac address for computing DHCP DUID
• Copy wicked lease xml file to prevent query for second IP address (bsc#1173268)

• Pin Golang version to 1.14

• Remove duplicate languages and update translation strings

• Fix softwarechannel_listlatestpackages throwing error on empty channels (bsc#1175889)

• Remove duplicated languages and update translation strings

This update for apache-commons-el fixes the following issues:

• Provide missing update dependencies for apache-commons-el. (bsc#1179637)

This update fixes the following issues:
golang-github-prometheus-alertmanager:

• Fix building amtool (bsc#1176943)
• Fix permissions for /var/lib/prometheus to match golang-github-prometheus-prometheus package. Otherwise the install check will fail.
• Update to 0.21.0 + Changes: * [HipChat] Remove HipChat integration as it is end-of-life. #2282 * [amtool] Remove default assignment of environment variables. #2161 * [PagerDuty] Enforce 512KB event size limit. #2225 + Enhancements: * [amtool] Add cluster command to show cluster and peer statuses. #2256 * Add redirection from / to the routes prefix when it isn't empty. #2235 * [Webhook] Add max_alerts option to limit the number of alerts included in the payload. #2274 * Improve logs for API v2, notifications and clustering. #2177 #2188 #2260 #2261 #2273 + Bugfixes: * Fix child routes not inheriting their parent route's grouping when group_by: [...]. * [UI] Fix the receiver selector in the Alerts page when the receiver name contains regular expression metacharacters such as +. * Fix error message about start and end time validation. #2173 * Fix a potential race condition in dispatcher. #2208 * [API v2] Return an empty array of peers when the clustering is disabled. #2203 * Fix the registration of alertmanager_dispatcher_aggregation_groups and alertmanager_dispatcher_alert_processing_duration_seconds metrics. * Always retry notifications with back-off. #2290
• Remove rpm group
• Update to build with go1.14 for Factory (Tumbleweed)
• Refresh example config from upstream
• Add network-online (Wants and After) dependency to systemd unit bsc#1143913

• Fix removal of mgr-deamon with selinux enabled (bsc#1177928)

• Fix: make spacecmd build on Debian

• Update translations

• Adjust ownership of some tests files to fix them

• Remove checks for obsolete packages
• Gather new configfiles
• Add more important informations

• Support 'allow vendor change' for dist upgrades

This update fixes the following issues:
golang-github-prometheus-alertmanager:

• Exclude s390 architecture
• Update packaging * Remove systemd and shadow hard requirements * use the system user provided by the system-user-prometheus subpackge * add 'prometheus-alertmanager' package alias

• Update to upstream version 2.22.1
• Update packaging * Remove systemd and shadow hard requirements * use systemd-sysusers to configure the user in a dedicated 'system-user-prometheus' subpackage * add 'prometheus' package alias

• Update packaging * avoid systemd and shadow hard requirements * Require the user from a new dedicated 'system-user-grafana' sibling package * avoid pinning to a specific Go version in the spec file
• Update to version 7.3.1: * Breaking changes - CloudWatch: The AWS CloudWatch data source's authentication scheme has changed. See the upgrade notes for details and how this may affect you. - Units: The date time units `YYYY-MM-DD HH:mm:ss` and `MM/DD/YYYY h:mm:ss a` have been renamed to `Datetime ISO` and `Datetime US` respectively. * Features / Enhancements - AzureMonitor: Support decimal (as float64) type in analytics/logs. - Add monitoring mixing for Grafana. - CloudWatch: Missing Namespace AWS/EC2CapacityReservations. - CloudWatch: Add support for AWS DirectConnect virtual interface metrics and add missing dimensions. - CloudWatch: Adding support for Amazon ElastiCache Redis metrics. - CloudWatch: Adding support for additional Amazon CloudFront metrics. - CloudWatch: Re-implement authentication. - Elasticsearch: Support multiple pipeline aggregations for a query. - Prometheus: Add time range parameters to labels API. - Loki: Visually distinguish error logs for LogQL2. - Api: Add /healthz endpoint for health checks. - API: Enrich add user to org endpoints with user ID in the response. - API: Enrich responses and improve error handling for alerting API endpoints. - Elasticsearch: Add support for date_nanos type. - Elasticsearch: Allow fields starting with underscore. - Elasticsearch: Increase maximum geohash aggregation precision to 12. - Postgres: Support request cancellation properly (Uses new backendSrv.fetch Observable request API). - Provisioning: Remove provisioned dashboards without parental reader. - API: Return ID of the deleted resource for dashboard, datasource and folder DELETE endpoints. - API: Support paging in the admin orgs list API. - API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints. - BackendSrv: Uses credentials, deprecates withCredentials & defaults to same-origin. - CloudWatch: Update list of AmazonMQ metrics and dimensions. - Cloudwatch: Add Support for external ID in assume role. - Cloudwatch: Add af-south-1 region. - DateFormats: Default ISO & US formats never omit date part even if date is today (breaking change). - Explore: Transform prometheus query to elasticsearch query. - InfluxDB/Flux: Increase series limit for Flux datasource. - InfluxDB: exclude result and table column from Flux table results. - InfluxDB: return a table rather than an error when timeseries is missing time. - Loki: Add scopedVars support in legend formatting for repeated variables. - Loki: Re-introduce running of instant queries. - Loki: Support request cancellation properly (Uses new backendSrv.fetch Observable request API). - MixedDatasource: Shows retrieved data even if a data source fails. - Postgres: Support Unix socket for host. - Prometheus: Add scopedVars support in legend formatting for repeated variables. - Prometheus: Support request cancellation properly (Uses new backendSrv.fetch Observable request API). - Prometheus: add $__rate_interval variable. - Table: Adds column filtering. - grafana-cli: Add ability to read password from stdin to reset admin password. - Variables: enables cancel for slow query variables queries. - AzureMonitor: fix panic introduced in 7.1.4 when unit was unspecified and alias was used. - TextPanel: Fix content overflowing panel boundaries. - Fix golang version = 1.14 to avoid dependency conflicts on some OBS projects
• Update to version 7.0.0 * Remove phantomJS patch from Makefile

• Change the log file permissions as expected by logrotate (bsc#1177884)

• Fix spacecmd with no parameters produces traceback on SLE 11 SP4 (bsc#1176823)
• Added '-r REVISION' option to the 'configchannel_updateinitsls' command (bsc#1179566)
• Fix: internal: workaround for future tee of logs translation

• Section in Debian packages in now treated as optional (bsc#1179555)

This update for go fixes the following issues:
Update to current stable go1.15 (bsc#1175132)

• Ensure 'Provides: golang(API) = %{api_version}' is consistent to improve package resolution for common go dependency expressions 'BuildRequires: golang(API) >= 1.x' and BuildRequires: go >= 1.x OBS projects that contain go code often have prjconf entries 'Prefer: go' which selects go metapackage over go1.x packages. When go metapackage Provides: version is lower than go1.x versions, 'Prefer: go' is not effective and build failures occur with errors unresolvable: have choice for golang(API) >= 1.13: go1.13 go1.14 Edits and changelog Jeff Kowalczyk (bsc#1172608)

• Unify '{version'} and '{short_version}' as '{api_version}' for 'Provides: golang(API) = %{api_version}'
• Use both 'BuildRequires: go%{api_version}' and 'Requires: go%{api_version}' to trigger build errors if go1.x is unavailable
• Add aarch64 to supported systems for go-race via %define tsan_arch x86_64 aarch64
• Add tsan_arch x86_64 aarch64 for suse_version >= 1500 and sle_version >= 150000, formerly conditional on suse_version >= 1315
• Ensure %ifarch %{tsan_arch} always evaluates (nil does not work) via dummy tsan_arch on systems where go-race is not supported

• Remove redundant Provides: go-doc=%{version} per rpmlint warning

• Change suse_version >= 1315 (was 1550) defines short_version 1.12 go1.12 packages are available for SLE-12.

This update fixes the following issues:
spacecmd:

• Deprecated 'Software Crashes' feature
• Document advanced package search on '--help' (bsc#1180583)
• Fixed advanced search on 'package_listinstalledsystems'
• Fixed duplicate results when using multiple search criteria (bsc#1180585)

This update for go fixes the following issues:

• Update to current stable go1.16 (bsc#1182345)

This update for spacewalk-java fixes the following issue:

• Use the correct product tag.

This update for golang-github-prometheus-prometheus fixes the following issues:

• Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE SLE15, SLE15 SP1, SLE15 SP2
• Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) + Features: * Promtool: Retroactive rule evaluation functionality. #7675 * Configuration: Environment variable expansion for external labels. Behind --enable-feature=expand-external-labels flag. #8649 * TSDB: Add a flag(--storage.tsdb.max-block-chunk-segment-size) to control the max chunks file size of the blocks for small Prometheus instances. * UI: Add a dark theme. #8604 * AWS Lightsail Discovery: Add AWS Lightsail Discovery. #8693 * Docker Discovery: Add Docker Service Discovery. #8629 * OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used. #8761 * Remote Write: Send exemplars via remote write. Experimental and disabled by default. #8296 + Enhancements: * Digital Ocean Discovery: Add __meta_digitalocean_vpc label. #8642 * Scaleway Discovery: Read Scaleway secret from a file. #8643 * Scrape: Add configurable limits for label size and count. #8777 * UI: Add 16w and 26w time range steps. #8656 * Templating: Enable parsing strings in humanize functions. #8682 + Bugfixes: * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659 * TSDB: Do not panic when writing very large records to the WAL. #8790 * TSDB: Avoid panic when mmaped memory is referenced after the file is closed. #8723 * Scaleway Discovery: Fix nil pointer dereference. #8737 * Consul Discovery: Restart no longer required after config update with no targets. #8766
• Add tarball with vendor modules and web assets
• Uyuni: Read formula data from exporters map
• Uyuni: Add support for TLS targets
• Upgrade to upstream version 2.26.0 + Changes * Alerting: Using Alertmanager v2 API by default. #8626 * Prometheus/Promtool: Binaries are now printing help and usage to stdout instead of stderr. #8542 + Features * Remote: Add support for AWS SigV4 auth method for remote_write. #8509 * PromQL: Allow negative offsets. Behind --enable-feature=promql-negative-offset flag. #8487 * UI: Add advanced auto-completion, syntax highlighting and linting to graph page query input. #8634 + Enhancements * PromQL: Add last_over_time, sgn, clamp functions. #8457 * Scrape: Add support for specifying type of Authorization header credentials with Bearer by default. #8512 * Scrape: Add follow_redirects option to scrape configuration. #8546 * Remote: Allow retries on HTTP 429 response code for remote_write. #8237 #8477 * Remote: Allow configuring custom headers for remote_read. #8516 * UI: Hitting Enter now triggers new query. #8581 * UI: Better handling of long rule and names on the /rules and /targets pages. #8608 #8609 * UI: Add collapse/expand all button on the /targets page. #8486
• Upgrade to upstream version 2.25.0 + Features * Include a new `--enable-feature=` flag that enables experimental features. + Enhancements * Add optional name property to testgroup for better test failure output. #8440 * Add warnings into React Panel on the Graph page. #8427 * TSDB: Increase the number of buckets for the compaction duration metric. #8342 * Remote: Allow passing along custom remote_write HTTP headers. #8416 * Mixins: Scope grafana configuration. #8332 * Kubernetes SD: Add endpoint labels metadata. #8273 * UI: Expose total number of label pairs in head in TSDB stats page. #8343 * TSDB: Reload blocks every minute, to detect new blocks and enforce retention more often. #8343 + Bug fixes * API: Fix global URL when external address has no port. #8359 * Deprecate unused flag --alertmanager.timeout. #8407
• Upgrade to upstream version 2.24.1 + Enhancements * Cache basic authentication results to significantly improve performance of HTTP endpoints.
• Upgrade to upstream version 2.24.0 + Features * Add TLS and basic authentication to HTTP endpoints. #8316 * promtool: Add check web-config subcommand to check web config files. #8319 * promtool: Add tsdb create-blocks-from openmetrics subcommand to backfill metrics data from an OpenMetrics file. + Enhancements * HTTP API: Fast-fail queries with only empty matchers. #8288 * HTTP API: Support matchers for labels API. #8301 * promtool: Improve checking of URLs passed on the command line. #7956 * SD: Expose IPv6 as a label in EC2 SD. #7086 * SD: Reuse EC2 client, reducing frequency of requesting credentials. #8311 * TSDB: Add logging when compaction takes more than the block time range. #8151 * TSDB: Avoid unnecessary GC runs after compaction. #8276
• Upgrade to upstream version 2.23.0 + Changes * UI: Make the React UI default. #8142 * Remote write: The following metrics were removed/renamed in remote write. #6815 > prometheus_remote_storage_succeeded_samples_total was removed and prometheus_remote_storage_samples_total was introduced for all the samples attempted to send. > prometheus_remote_storage_sent_bytes_total was removed and replaced with prometheus_remote_storage_samples_bytes_total and prometheus_remote_storage_metadata_bytes_total. > prometheus_remote_storage_failed_samples_total -> prometheus_remote_storage_samples_failed_total . > prometheus_remote_storage_retried_samples_total -> prometheus_remote_storage_samples_retried_total. > prometheus_remote_storage_dropped_samples_total -> prometheus_remote_storage_samples_dropped_total. > prometheus_remote_storage_pending_samples -> prometheus_remote_storage_samples_pending. * Remote: Do not collect non-initialized timestamp metrics. #8060 + Enhancements * Remote write: Added a metric prometheus_remote_storage_max_samples_per_send for remote write. #8102 * TSDB: Make the snapshot directory name always the same length. #8138 * TSDB: Create a checkpoint only once at the end of all head compactions. #8067 * TSDB: Avoid Series API from hitting the chunks. #8050 * TSDB: Cache label name and last value when adding series during compactions making compactions faster. #8192 * PromQL: Improved performance of Hash method making queries a bit faster. #8025 * promtool: tsdb list now prints block sizes. #7993 * promtool: Calculate mint and maxt per test avoiding unnecessary calculations. #8096 * SD: Add filtering of services to Docker Swarm SD. #8074
• Uyuni: `hostname` label is now set to FQDN instead of IP
• Update to upstream version 2.22.1
• Update packaging * Remove systemd and shadow hard requirements * use systemd-sysusers to configure the user in a dedicated 'system-user-prometheus' subpackage * add 'prometheus' package alias + Add support for Prometheus exporters proxy
• Remove prometheus.firewall.xml source file
• Remove firewalld files. They are installed in the main firewalld package.

This recommended update for system-user-prometheus provides the following fixes:

• Provide the user and group 'prometheus' to SUSE Enterprise Storage 6 needed by 'golang-github-prometheus-prometheus' (jsc#SLE-18254)

This update fixes the following issues:
ansible:

• The support level for ansible is l2, not l3

• Force installation of libexpat.so.1 (bsc#1188846)
• Use kernel parameters from PXE formula also for local boot

• Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE Linux Enterprise 15, 15 SP1, 15 SP2
• Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659 * TSDB: Do not panic when writing very large records to the WAL. #8790 * TSDB: Avoid panic when mmaped memory is referenced after the file is closed. #8723 * Scaleway Discovery: Fix nil pointer dereference. #8737 * Consul Discovery: Restart no longer required after config update with no targets. #8766 + Features: * Promtool: Retroactive rule evaluation functionality. * Configuration: Environment variable expansion for external labels. Behind '--enable-feature=expand-external-labels' flag. * Add a flag '--storage.tsdb.max-block-chunk-segment-size' to control the max chunks file size of the blocks for small Prometheus instances. * UI: Add a dark theme. * AWS Lightsail Discovery: Add AWS Lightsail Discovery. * Docker Discovery: Add Docker Service Discovery. * OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used. * Remote Write: Send exemplars via remote write. Experimental and disabled by default. + Enhancements: * Digital Ocean Discovery: Add '__meta_digitalocean_vpc' label. * Scaleway Discovery: Read Scaleway secret from a file. * Scrape: Add configurable limits for label size and count. * UI: Add 16w and 26w time range steps. * Templating: Enable parsing strings in humanize functions.
• Update package with changes from `server:monitoring` (bsc#1175478) Left out removal of 'firewalld' related configuration files as SUSE Linux Enterprise 15-SP1's `firewalld` package does not contain 'prometheus' configuration yet.

• No visible impact for the user

• No visible impact for the user

• No visible impact for the user

• No visible impact for the user

• No visible impact for the user

• No visible impact for the user

• Make spacecmd aware of retracted patches/packages
• Enhance help for installation types when creating distributions (bsc#1186581)
• Parse empty argument when nothing in between the separator

• Update translation strings

• Fix for spacewalk-koan tests after switching to the new Docker images

• No visible impact for the user

• No visible impact for the user

• Handle broken RPM packages to prevent exceptions causing fails on repository synchronization (bsc#1186650)
• Maintainer field in debian packages are only recommended (bsc#1186508)

Maintenance update for SUSE Manager 4.2: Server and Proxy
This is a codestream only update.

This update provides the following package to SUSE Manager 4.2.2 Proxy
golang-github-prometheus-prometheus:

• golang-github-prometheus-prometheus is added to SUSE Manager Proxy as L3 supported.

This update provides the following package to SUSE Manager 4.2.2 Proxy
python-pyvmomi:

• python-pyvmomi is added to SUSE Manager Proxy as L3 supported.

This update provides the following packages to SUSE Manager 4.2.2 Proxy and Server:
ansible:

• ansible and ansible-doc are added to SUSE Manager Proxy as L2 supported

• golang-github-prometheus-alertmanager is added to SUSE Manager Proxy as L3 supported

• python-python-memcached is added to SUSE Manager Proxy as L3 supported

• python-redis is added to SUSE Manager Proxy as L3 supported

• system-user-prometheus is added to SUSE Manager Proxy as L3 supported

Security maintenance update for SUSE Manager 4.2: Server and Proxy

• This is a codestreamonly update

This update provides the following packages to SUSE Manager 4.1.11 Proxy
golang-github-prometheus-prometheus:

• golang-github-prometheus-prometheus is added to SUSE Manager Proxy as L3 supported

This update provides the following packages to SUSE Manager 4.1.11 Proxy
golang-github-prometheus-alertmanager:

• golang-github-prometheus-alertmanager is added to SUSE Manager Proxy as L3 supported

• system-user-prometheus is added to SUSE Manager Proxy as L3 supported

Maintenance update for SUSE Manager 4.2: Server and Proxy
This is a codestream only release.

This feature update for golang-github-prometheus-alertmanager fixes the following issue:
Provide version 0.21.0 of golang-github-prometheus-alertmanager (jsc#SLE-21859)

• Exclude s390 architecture
• Remove systemd and shadow hard requirements
• Use the system user provided by the 'system-user-prometheus' subpackge
• Add 'prometheus-alertmanager' package alias
• Fix building amtool (bsc#1176943)
• Fix permissions for '/var/lib/prometheus' to match 'golang-github-prometheus-prometheus' package and avoid installation checks failures
• Remove HipChat integration as it is end-of-life.
• Remove default assignment of environment variables.
• Enforce 512KB event size limit.
• Add cluster command to show cluster and peer statuses.
• Add redirection from '/' to the routes prefix when it isn't empty.
• Add 'max_alerts' option to limit the number of alerts included in the payload.
• Improve logs for API v2, notifications and clustering.
• Fix child routes not inheriting their parent route's grouping when 'group_by: [...]'.
• Fix the receiver selector in the Alerts page when the receiver name contains regular expression metacharacters such as '+'.
• Fix error message about start and end time validation.
• Fix a potential race condition in dispatcher.
• Return an empty array of peers when the clustering is disabled.
• Fix the registration of 'alertmanager_dispatcher_aggregation_groups' and 'alertmanager_dispatcher_alert_processing_duration_seconds' metrics.
• Always retry notifications with back-off.
• Update to build with go1.14
• Refresh example config from upstream
• Add 'network-online' (Wants and After) dependency to systemd unit (bsc#1143913)

This update fixes the following issues:
prometheus-blackbox_exporter:

• Provide 'prometheus-blackbox_exporter' version 0.19.0 (jsc#SLE-22351)
• Use '%set_permissions' and '%verify_permissions' for SUSE Linux Enterprise 12 (bsc#1191194)
• Set 'CAP_NET_RAW' capability to allow ICMP requests

• Add URL to package source code in the login page footer

• Update translation strings

• Update translation strings

• Use proxy configured in 'up2date' config when it is defined
• Added RHEL8 build.

Maintenance update for SUSE Manager 4.2: Server and Proxy
This is a codestream only update

This update for go fixes the following issues:

• Update the go wrapper package to switch to the current stable go1.17 (bsc#1190649)
• Add golang Provides for RH/Fedora compatibility

This update for cobbler fixes the following issues:

• CVE-2021-45083: Fixed unsafe permissions on sensitive files (bsc#1193671).
• CVE-2021-45082: Fixed incomplete template sanitation (bsc#1193678).

• Fix issues with installation module logging and validation (bsc#1195918)
• Move configuration files ownership to apache (bsc#1195906)
• Remove hardcoded test credentials (bsc#1193673)
• Prevent log pollution (bsc#1193675)
• Missing sanity check on MongoDB configuration file (bsc#1193676)

Maintenance update for SUSE Manager 4.2: Server and Proxy
This is a codestream only update.

This update fixes the following issues:
ansible:

• Require python macros for building

• Version 4.2.6-1 * Do not build python 2 package for SLE15SP4 and higher
• Version 4.2.5-1 * do not build python 2 package for SLE15
• Version 4.2.4-1 * Fix python selinux package name depending on build target (bsc#1193600)

• Version 4.2.3-1 * require python macros for building

• Version 4.2.7-1 * Do not build python 2 package for SLE15SP4 and higher * require python macros for building

• Version 4.2.4-1 * Do not build python 2 package for SLE15SP4 and higher

• Version 4.2.3-1 * Do not build python 2 package for SLE15SP4 and higher * require python macros for building

• Version 4.2.5-1 * do not build python 2 package for SLE15

• Version 4.2.15-1 * require python macros for building

• Version 4.2.16-1 * do not build python 2 package for SLE15 * require python macros for building

• Version 4.2.5-1 * Do not build python 2 package for SLE15SP4 and higher

• Version 4.2.3-1 * Do not build python 2 package for SLE15SP4 and higher * require python macros for building

• Version 4.2.2-1 * require python macros for building

• Version 4.2.5-1 * require python macros for building * Do not build python 2 package for SLE15 and higher

• Version 4.2.6-1 * Read modularity data from DISTTAG tag as fallback (bsc#1192487) * require python macros for building

• 1.0.11 * require python macros for building

This update for prometheus-formula fixes the following issues:
prometheus-formula:

• Version 0.6.1 * Fix checking available package version (bsc#1196489)
• Version 0.6.0 * Add support for new Uyuni SD in Prometheus >= 2.31 * Fix Blackbox exporter configuration for Prometheus >= 2.31

This feature update for golang-github-prometheus-prometheus provides the following changes:
Upgrade `golang-github-prometheus-prometheus` from version 2.27.1 to version 2.32.1: (jsc#SLE-22863)

• Use `obs-service-go_modules`
• Added hardening to systemd service(s). Modified `prometheus.service` (bsc#1181400)
• Bugfixes: * Scrape: Fix reporting metrics when sample limit is reached during the report. * Scrape: Ensure that scrape interval and scrape timeout are always set. * TSDB: Expose and fix bug in iterators' Seek() method. * TSDB: Add more size checks when writing individual sections in the index. * PromQL: Make deriv() return zero values for constant series. * TSDB: Fix panic when checkpoint directory is empty. #9687 * TSDB: Fix panic, out of order chunks, and race warning during WAL replay. * UI: Correctly render links for targets with IPv6 addresses that contain a Zone ID. * Promtool: Fix checking of `authorization.credentials_file` and `bearer_token_file` fields. * Uyuni SD: Fix null pointer exception during initialization. * TSDB: Fix queries after a failed snapshot replay. * SD: Fix a panic when the experimental discovery manager receives targets during a reload. * Backfill: Apply rule labels after query labels. * Scrape: Resolve conflicts between multiple exported label prefixes. * Scrape: Restart scrape loops when __scrape_interval__ is changed. * TSDB: Fix memory leak in samples deletion. * UI: Use consistent margin-bottom for all alert kinds. * TSDB: Fix panic on failed snapshot replay. * TSDB: Don't fail snapshot replay with exemplar storage disabled when the snapshot contains exemplars. * TSDB: Don't error on overlapping m-mapped chunks during WAL replay. * promtool rules backfill: Prevent creation of data before the start time. * promtool rules backfill: Do not query after the end time. * Azure SD: Fix panic when no computername is set. * Exemplars: Fix panic when resizing exemplar storage from 0 to a non-zero size. * TSDB: Correctly decrement `prometheus_tsdb_head_active_appenders` when the append has no samples. * promtool rules backfill: Return 1 if backfill was unsuccessful. * promtool rules backfill: Avoid creation of overlapping blocks. * config: Fix a panic when reloading configuration with a null relabel action. * Fix Kubernetes SD failing to discover Ingress in Kubernetes v1.22. * Fix data race in loading write-ahead-log (WAL). * TSDB: align atomically accessed int64 to prevent panic in 32-bit archs. * Log when total symbol size exceeds 2^32 bytes, causing compaction to fail, and skip compaction. * Fix incorrect target_limit reloading of zero value. * Fix head GC and pending readers race condition. * Fix timestamp handling in OpenMetrics parser. * Fix potential duplicate metrics in /federate endpoint when specifying multiple matchers. * Fix server configuration and validation for authentication via client cert. * Allow start and end again as label names in PromQL queries. They were disallowed since the introduction of @ timestamp feature. * HTTP SD: Allow charset specification in Content-Type header. * HTTP SD: Fix handling of disappeared target groups. * Fix incorrect log-level handling after moving to go-kit/log. * UI: In the experimental PromQL editor, fix autocompletion and parsing for special float values and improve series metadata fetching. * TSDB: When merging chunks, split resulting chunks if they would contain more than the maximum of 120 samples. * SD: Fix the computation of the `prometheus_sd_discovered_targets` metric when using multiple service discoveries.
• Change: * remote-write: Change default max retry time from 100ms to 5 seconds. * UI: Remove standard PromQL editor in favour of the codemirror-based editor. * Promote `--storage.tsdb.allow-overlapping-blocks` flag to stable. * Promote `--storage.tsdb.retention.size` flag to stable. * UI: Make the new experimental PromQL editor the default.
• Features: * Agent: New mode of operation optimized for remote-write only scenarios, without local storage. * Promtool: Add promtool check service-discovery command. * PromQL: Add trigonometric functions and atan2 binary operator. * Remote: Add support for exemplar in the remote write receiver endpoint. * SD: Add PuppetDB service discovery. * SD: Add Uyuni service discovery. * Web: Add support for security-related HTTP headers. * experimental TSDB: Snapshot in-memory chunks on shutdown for faster restarts. * experimental Scrape: Configure scrape interval and scrape timeout via relabeling using `__scrape_interval__` and `__scrape_timeout__` labels respectively. * Scrape: Add scrape_timeout_seconds and scrape_sample_limit metric. * Add Kuma service discovery. * Add present_over_time PromQL function. * Allow configuring exemplar storage via file and make it reloadable. * UI: Allow selecting time range with mouse drag. * promtool: Add feature flags flag `--enable-feature`. * promtool: Add `file_sd` file validation. * Linode SD: Add Linode service discovery. * HTTP SD: Add generic HTTP-based service discovery. * Kubernetes SD: Allow configuring API Server access via a kubeconfig file. * UI: Add exemplar display support to the graphing interface. * Consul SD: Add namespace support for Consul Enterprise.
• Enhancements: * Promtool: Improve test output. * Promtool: Use kahan summation for better numerical stability. * Remote-write: Reuse memory for marshalling. * Scrape: Add scrape_body_size_bytes scrape metric behind the `--enable-feature=extra-scrape-metrics` flag. * TSDB: Add windows arm64 support. * TSDB: Optimize query by skipping unneeded sorting in TSDB. * Templates: Support int and uint as datatypes for template formatting. * UI: Prefer rate over rad, delta over deg, and count over cos in autocomplete. * Azure SD: Add proxy_url, follow_redirects, tls_config. * Backfill: Add `--max-block-duration` in promtool `create-blocks-from` rules. * Config: Print human-readable sizes with unit instead of raw numbers. * HTTP: Re-enable HTTP/2. * Kubernetes SD: Warn user if number of endpoints exceeds limit. * OAuth2: Add TLS configuration to token requests. * PromQL: Several optimizations. * PromQL: Make aggregations deterministic in instant queries. * Rules: Add the ability to limit number of alerts or series. * SD: Experimental discovery manager to avoid restarts upon reload. * UI: Debounce timerange setting changes. * Remote Write: Redact remote write URL when used for metric label. * UI: Redact remote write URL and proxy URL passwords in the /config page. * Scrape: Add --scrape.timestamp-tolerance flag to adjust scrape timestamp tolerance when enabled via `--scrape.adjust-timestamps`. * Remote Write: Improve throughput when sending exemplars. * TSDB: Optimise WAL loading by removing extra map and caching min-time * promtool: Speed up checking for duplicate rules. * Scrape: Reduce allocations when parsing the metrics. * docker_sd: Support host network mode * Reduce blocking of outgoing remote write requests from series garbage collection. * Improve write-ahead-log decoding performance. * Improve append performance in TSDB by reducing mutexes usage. * Allow configuring max_samples_per_send for remote write metadata. * Add `__meta_gce_interface_ipv4_` meta label to GCE discovery. * Add `__meta_ec2_availability_zone_id` meta label to EC2 discovery. * Add `__meta_azure_machine_computer_name` meta label to Azure discovery. * Add `__meta_hetzner_hcloud_labelpresent_` meta label to Hetzner discovery. * promtool: Add compaction efficiency to promtool tsdb analyze reports. * promtool: Allow configuring max block duration for backfilling via `--max-block-duration` flag. * UI: Add sorting and filtering to flags page. * UI: Improve alerts page rendering performance. * Promtool: Allow silencing output when importing / backfilling data. * Consul SD: Support reading tokens from file. * Rules: Add a new .ExternalURL alert field templating variable, containing the external URL of the Prometheus server. * Scrape: Add experimental body_size_limit scrape configuration setting to limit the allowed response body size for target scrapes. * Kubernetes SD: Add ingress class name label for ingress discovery. * UI: Show a startup screen with progress bar when the TSDB is not ready yet. * SD: Add a target creation failure counter `prometheus_target_sync_failed_total` and improve target creation failure handling. * TSDB: Improve validation of exemplar label set length. * TSDB: Add a prometheus_tsdb_clean_start metric that indicates whether a TSDB lockfile from a previous run still existed upon startup.

Maintenance update for SUSE Manager 4.2.5: Server only
This is a codestream only update.

This update for golang-github-prometheus-prometheus fixes the following issues:

• Fix Firewalld configuration file location (bsc#1196300)
• Require Go 1.16+
• Do not build on s390 architecture.

This update for zypp-plugin-spacewalk fixes the following issues:
zypp-plugin-spacewalk:

• Update to version 1.0.12 * use new encoding function if available

This update for helm delivers helm 3.8.0 to the Containers module.

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: gutenprint

This update for tigervnc fixes the following issues:

• Fix rendering on big endian systems (bsc#1177758, bsc#1197119)

This update for openCryptoki fixes the following issues:

• Add a fix to keep support Dilithium mechanism when using an upgraded EP11 library. (bsc#1197396)

This update for e2fsprogs fixes the following issues:

• Add support for 'libreadline7' for Leap. (bsc#1196939)

This update for tomcat fixes the following issues:
Security hardening, related to Spring Framework vulnerabilities:

• Deprecate getResources() and always return null (bsc#1198136).

This update for libinput fixes the following issues:

• CVE-2022-1215: Fixed a format string vulnerability (bsc#1198111).

This update for dnsmasq fixes the following issues:

• CVE-2022-0934: Fixed an invalid memory access that could lead to remote denial of service via crafted packet (bsc#1197872).

This update for dvd+rw-tools fixes the following issues:

• There are no visible changes for the final user: * Make the source building on 15 SP4. (bsc#1197713) * Refresh of exisiting patches.

This update for rpmlint fixes the following issues:

• fix kpmcore, nm-priv and tukitd whitelistings that contained absolute paths instead of only the basenames (bsc#1198521)
• Backport of deepin-api whitelists (bsc#1196681 bsc#1070943)

This update for openldap2 fixes the following issues:

• allow specification of max/min TLS version with TLS1.3 (bsc#1191157)
• libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004)
• restore CLDAP functionality in CLI tools (jsc#PM-3288)

This update for mutt fixes the following issues:

• CVE-2022-1328: Fixed an invalid memory access when reading untrusted uuencoded data. This could result in including private memory in replies (bsc#1198518).

This update for salt fixes the following issues:

• Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil (bsc#1197533)
• Prevent data pollution between actions processed at the same time (bsc#1197637)
• Fix salt-ssh opts poisoning. (bsc#1197637)
• Clear network interfaces cache on grains request. (bsc#1196050)
• Fix Salt-API failure due to an exception from the scheduled SSH-Push Tasks. (bsc#1182851, bsc#1196432)
• Restrict 'state.orchestrate_single' to pass a pillar value if it exists. (bsc#1194632)

This update fixes the following issues:
grafana:

• Update from version 7.5.12 to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422) + Security: * Fixes XSS vulnerability in handling data sources (bsc#1195726, CVE-2022-21702) * Fixes cross-origin request forgery vulnerability (bsc#1195727, CVE-2022-21703) * Fixes Insecure Direct Object Reference vulnerability in Teams API (bsc#1195728, CVE-2022-21713)
• Update to Go 1.17.
• Add build-time dependency on `wire`.
• Update license to GNU Affero General Public License v3.0.
• Update to version 8.3.4 * GetUserInfo: return an error if no user was found (bsc#1194873, CVE-2022-21673) + Features and enhancements: * Alerting: Allow configuration of non-ready alertmanagers. * Alerting: Allow customization of Google chat message. * AppPlugins: Support app plugins with only default nav. * InfluxDB: query editor: skip fields in metadata queries. * Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels query in grafana. * Prometheus: Forward oauth tokens after prometheus datasource migration. + Bug fixes: * Azure Monitor: Bug fix for variable interpolations in metrics dropdowns. * Azure Monitor: Improved error messages for variable queries. * CloudMonitoring: Fixes broken variable queries that use group bys. * Configuration: You can now see your expired API keys if you have no active ones. * Elasticsearch: Fix handling multiple datalinks for a single field. * Export: Fix error being thrown when exporting dashboards using query variables that reference the default datasource. * ImportDashboard: Fixes issue with importing dashboard and name ending up in uid. * Login: Page no longer overflows on mobile. * Plugins: Set backend metadata property for core plugins. * Prometheus: Fill missing steps with null values. * Prometheus: Fix interpolation of $__rate_interval variable. * Prometheus: Interpolate variables with curly brackets syntax. * Prometheus: Respect the http-method data source setting. * Table: Fixes issue with field config applied to wrong fields when hiding columns. * Toolkit: Fix bug with rootUrls not being properly parsed when signing a private plugin. * Variables: Fix so data source variables are added to adhoc configuration. + Plugin development fixes & changes: * Toolkit: Revert build config so tslib is bundled with plugins to prevent plugins from crashing.
• Update to version 8.3.3: * BarChart: Use new data error view component to show actions in panel edit. * CloudMonitor: Iterate over pageToken for resources. * Macaron: Prevent WriteHeader invalid HTTP status code panic. * AnnoListPanel: Fix interpolation of variables in tags. * CloudWatch: Allow queries to have no dimensions specified. * CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5 to 8.3.0. * CloudWatch: Make sure MatchExact flag gets the right value. * Dashboards: Fix so that empty folders can be deleted from the manage dashboards/folders page. * InfluxDB: Improve handling of metadata query errors in InfluxQL. * Loki: Fix adding of ad hoc filters for queries with parser and line_format expressions. * Prometheus: Fix running of exemplar queries for non-histogram metrics. * Prometheus: Interpolate template variables in interval. * StateTimeline: Fix toolitp not showing when for frames with multiple fields. * TraceView: Fix virtualized scrolling when trace view is opened in right pane in Explore. * Variables: Fix repeating panels for on time range changed variables. * Variables: Fix so queryparam option works for scoped
• Update to version 8.3.2 + Security: Fixes CVE-2021-43813 and CVE-2021-43815.
• Update to version 8.3.1 + Security: Fixes CVE-2021-43798.
• Update to version 8.3.0 * Alerting: Prevent folders from being deleted when they contain alerts. * Alerting: Show full preview value in tooltip. * BarGauge: Limit title width when name is really long. * CloudMonitoring: Avoid to escape regexps in filters. * CloudWatch: Add support for AWS Metric Insights. * TooltipPlugin: Remove other panels' shared tooltip in edit panel. * Visualizations: Limit y label width to 40% of visualization width. * Alerting: Clear alerting rule evaluation errors after intermittent failures. * Alerting: Fix refresh on legacy Alert List panel. * Dashboard: Fix queries for panels with non-integer widths. * Explore: Fix url update inconsistency. * Prometheus: Fix range variables interpolation for time ranges smaller than 1 second. * ValueMappings: Fixes issue with regex value mapping that only sets color.
• Update to version 8.3.0-beta2 + Breaking changes: * Grafana 8 Alerting enabled by default for installations that do not use legacy alerting. * Keep Last State for 'If execution error or timeout' when upgrading to Grafana 8 alerting. * Alerting: Create DatasourceError alert if evaluation returns error. * Alerting: Make Unified Alerting enabled by default for those who do not use legacy alerting. * Alerting: Support mute timings configuration through the api for the embedded alert manager. * CloudWatch: Add missing AWS/Events metrics. * Docs: Add easier to find deprecation notices to certain data sources and to the changelog. * Plugins Catalog: Enable install controls based on the pluginAdminEnabled flag. * Table: Add space between values for the DefaultCell and JSONViewCell. * Tracing: Make query editors available in dashboard for Tempo and Zipkin. * AccessControl: Renamed orgs roles, removed fixed:orgs:reader introduced in beta1. * Azure Monitor: Add trap focus for modals in grafana/ui and other small a11y fixes for Azure Monitor. * CodeEditor: Prevent suggestions from being clipped. * Dashboard: Fix cache timeout persistence. * Datasource: Fix stable sort order of query responses. * Explore: Fix error in query history when removing last item. * Logs: Fix requesting of older logs when flipped order. * Prometheus: Fix running of health check query based on access mode. * TextPanel: Fix suggestions for existing panels. * Tracing: Fix incorrect indentations due to reoccurring spanIDs. * Tracing: Show start time of trace with milliseconds precision. * Variables: Make renamed or missing variable section expandable. * Select: Select menus now properly scroll during keyboard navigation.
• Update to version 8.3.0-beta1 * Alerting: Add UI for contact point testing with custom annotations and labels. * Alerting: Make alert state indicator in panel header work with Grafana 8 alerts. * Alerting: Option for Discord notifier to use webhook name. * Annotations: Deprecate AnnotationsSrv. * Auth: Omit all base64 paddings in JWT tokens for the JWT auth. * Azure Monitor: Clean up fields when editing Metrics. * AzureMonitor: Add new starter dashboards. * AzureMonitor: Add starter dashboard for app monitoring with Application Insights. * Barchart/Time series: Allow x axis label. * CLI: Improve error handling for installing plugins. * CloudMonitoring: Migrate to use backend plugin SDK contracts. * CloudWatch Logs: Add retry strategy for hitting max concurrent queries. * CloudWatch: Add AWS RoboMaker metrics and dimension. * CloudWatch: Add AWS Transfer metrics and dimension. * Dashboard: replace datasource name with a reference object. * Dashboards: Show logs on time series when hovering. * Elasticsearch: Add support for Elasticsearch 8.0 (Beta). * Elasticsearch: Add time zone setting to Date Histogram aggregation. * Elasticsearch: Enable full range log volume histogram. * Elasticsearch: Full range logs volume. * Explore: Allow changing the graph type. * Explore: Show ANSI colors when highlighting matched words in the logs panel. * Graph(old) panel: Listen to events from Time series panel. * Import: Load gcom dashboards from URL. * LibraryPanels: Improves export and import of library panels between orgs. * OAuth: Support PKCE. * Panel edit: Overrides now highlight correctly when searching. * PanelEdit: Display drag indicators on draggable sections. * Plugins: Refactor Plugin Management. * Prometheus: Add custom query parameters when creating PromLink url. * Prometheus: Remove limits on metrics, labels, and values in Metrics Browser. * StateTimeline: Share cursor with rest of the panels. * Tempo: Add error details when json upload fails. * Tempo: Add filtering for service graph query. * Tempo: Add links to nodes in Service Graph pointing to Prometheus metrics. * Time series/Bar chart panel: Add ability to sort series via legend. * TimeSeries: Allow multiple axes for the same unit. * TraceView: Allow span links defined on dataFrame. * Transformations: Support a rows mode in labels to fields. * ValueMappings: Don't apply field config defaults to time fields. * Variables: Only update panels that are impacted by variable change. * API: Fix dashboard quota limit for imports. * Alerting: Fix rule editor issues with Azure Monitor data source. * Azure monitor: Make sure alert rule editor is not enabled when template variables are being used. * CloudMonitoring: Fix annotation queries. * CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor. * Dashboard: Remove the current panel from the list of options in the Dashboard datasource. * Encryption: Fix decrypting secrets in alerting migration. * InfluxDB: Fix corner case where index is too large in ALIAS * NavBar: Order App plugins alphabetically. * NodeGraph: Fix zooming sensitivity on touchpads. * Plugins: Add OAuth pass-through logic to api/ds/query endpoint. * Snapshots: Fix panel inspector for snapshot data. * Tempo: Fix basic auth password reset on adding tag. * ValueMapping: Fixes issue with regex mappings. * grafana/ui: Enable slider marks display.
• Update to version 8.2.7
• Update to version 8.2.6 * Security: Upgrade Docker base image to Alpine 3.14.3. * Security: Upgrade Go to 1.17.2. * TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated series.
• Update to version 8.2.5 * Fix No Data behaviour in Legacy Alerting. * Alerting: Fix a bug where the metric in the evaluation string was not correctly populated. * Alerting: Fix no data behaviour in Legacy Alerting for alert rules using the AND operator. * CloudMonitoring: Ignore min and max aggregation in MQL queries. * Dashboards: 'Copy' is no longer added to new dashboard titles. * DataProxy: Fix overriding response body when response is a WebSocket upgrade. * Elasticsearch: Use field configured in query editor as field for date_histogram aggregations. * Explore: Fix running queries without a datasource property set. * InfluxDB: Fix numeric aliases in queries. * Plugins: Ensure consistent plugin settings list response. * Tempo: Fix validation of float durations. * Tracing: Correct tags for each span are shown.
• Update to version 8.2.4 + Security: Fixes CVE-2021-41244.
• Update to version 8.2.3 + Security: Fixes CVE-2021-41174.
• Update to version 8.2.2 * Annotations: We have improved tag search performance. * Application: You can now configure an error-template title. * AzureMonitor: We removed a restriction from the resource filter query. * Packaging: We removed the ProcSubset option in systemd. This option prevented Grafana from starting in LXC environments. * Prometheus: We removed the autocomplete limit for metrics. * Table: We improved the styling of the type icons to make them more distinct from column / field name. * ValueMappings: You can now use value mapping in stat, gauge, bar gauge, and pie chart visualizations. * Alerting: Fix panic when Slack's API sends unexpected response. * Alerting: The Create Alert button now appears on the dashboard panel when you are working with a default datasource. * Explore: We fixed the problem where the Explore log panel disappears when an Elasticsearch logs query returns no results. * Graph: You can now see annotation descriptions on hover. * Logs: The system now uses the JSON parser only if the line is parsed to an object. * Prometheus: We fixed the issue where the system did not reuse TCP connections when querying from Grafana alerting. * Prometheus: We fixed the problem that resulted in an error when a user created a query with a $__interval min step. * RowsToFields: We fixed the issue where the system was not properly interpreting number values. * Scale: We fixed how the system handles NaN percent when data min = data max. * Table panel: You can now create a filter that includes special characters.
• Update to version 8.2.1 * Dashboard: Fix rendering of repeating panels. * Datasources: Fix deletion of data source if plugin is not found. * Packaging: Remove systemcallfilters sections from systemd unit files. * Prometheus: Add Headers to HTTP client options.
• Update to version 8.2.0 * AWS: Updated AWS authentication documentation. * Alerting: Added support Alertmanager data source for upstream Prometheus AM implementation. * Alerting: Allows more characters in label names so notifications are sent. * Alerting: Get alert rules for a dashboard or a panel using /api/v1/rules endpoints. * Annotations: Improved rendering performance of event markers. * CloudWatch Logs: Skip caching for log queries. * Explore: Added an opt-in configuration for Node Graph in Jaeger, Zipkin, and Tempo. * Packaging: Add stricter systemd unit options. * Prometheus: Metrics browser can now handle label values with * CodeEditor: Ensure that we trigger the latest onSave callback provided to the component. * DashboardList/AlertList: Fix for missing All folder value. * Plugins: Create a mock icon component to prevent console errors.
• Update to version 8.2.0-beta2 * AccessControl: Document new permissions restricting data source access. * TimePicker: Add fiscal years and search to time picker. * Alerting: Added support for Unified Alerting with Grafana HA. * Alerting: Added support for tune rule evaluation using configuration options. * Alerting: Cleanups alertmanager namespace from key-value store when disabling Grafana 8 alerts. * Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations. * CloudWatch: Introduced new math expression where it is necessary to specify the period field. * InfluxDB: Added support for $__interval and $__interval_ms in Flux queries for alerting. * InfluxDB: Flux queries can use more precise start and end timestamps with nanosecond-precision. * Plugins Catalog: Make the catalog the default way to interact with plugins. * Prometheus: Removed autocomplete limit for metrics. * Alerting: Fixed an issue where the edit page crashes if you tried to preview an alert without a condition set. * Alerting: Fixed rules migration to keep existing Grafana 8 alert rules. * Alerting: Fixed the silence file content generated during * Analytics: Fixed an issue related to interaction event propagation in Azure Application Insights. * BarGauge: Fixed an issue where the cell color was lit even though there was no data. * BarGauge: Improved handling of streaming data. * CloudMonitoring: Fixed INT64 label unmarshal error. * ConfirmModal: Fixes confirm button focus on modal open. * Dashboard: Add option to generate short URL for variables with values containing spaces. * Explore: No longer hides errors containing refId property. * Fixed an issue that produced State timeline panel tooltip error when data was not in sync. * InfluxDB: InfluxQL query editor is set to always use resultFormat. * Loki: Fixed creating context query for logs with parsed labels. * PageToolbar: Fixed alignment of titles. * Plugins Catalog: Update to the list of available panels after an install, update or uninstall. * TimeSeries: Fixed an issue where the shared cursor was not showing when hovering over in old Graph panel. * Variables: Fixed issues related to change of focus or refresh pages when pressing enter in a text box variable input. * Variables: Panel no longer crash when using the adhoc variable in data links.
• Update to version 8.2.0-beta1 * AccessControl: Introduce new permissions to restrict access for reloading provisioning configuration. * Alerting: Add UI to edit Cortex/Loki namespace, group names, and group evaluation interval. * Alerting: Add a Test button to test contact point. * Alerting: Allow creating/editing recording rules for Loki and Cortex. * Alerting: Metrics should have the label org instead of user. * Alerting: Sort notification channels by name to make them easier to locate. * Alerting: Support org level isolation of notification * AzureMonitor: Add data links to deep link to Azure Portal Azure Resource Graph. * AzureMonitor: Add support for annotations from Azure Monitor Metrics and Azure Resource Graph services. * AzureMonitor: Show error message when subscriptions request fails in ConfigEditor. * Chore: Update to Golang 1.16.7. * CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs. * CloudWatch Logs: Disable query path using websockets (Live) feature. * CloudWatch/Logs: Don't group dataframes for non time series * Cloudwatch: Migrate queries that use multiple stats to one query per stat. * Dashboard: Keep live timeseries moving left (v2). * Datasources: Introduce response_limit for datasource responses. * Explore: Add filter by trace or span ID to trace to logs * Explore: Download traces as JSON in Explore Inspector. * Explore: Reuse Dashboard's QueryRows component. * Explore: Support custom display label for derived fields buttons for Loki datasource. * Grafana UI: Update monaco-related dependencies. * Graphite: Deprecate browser access mode. * InfluxDB: Improve handling of intervals in alerting. * InfluxDB: InfluxQL query editor: Handle unusual characters in tag values better. * Jaeger: Add ability to upload JSON file for trace data. * LibraryElements: Enable specifying UID for new and existing library elements. * LibraryPanels: Remove library panel icon from the panel header so you can no longer tell that a panel is a library panel from the dashboard view. * Logs panel: Scroll to the bottom on page refresh when sorting in ascending order. * Loki: Add fuzzy search to label browser. * Navigation: Implement active state for items in the Sidemenu. * Packaging: Update PID file location from /var/run to /run. * Plugins: Add Hide OAuth Forward config option. * Postgres/MySQL/MSSQL: Add setting to limit the maximum number of rows processed. * Prometheus: Add browser access mode deprecation warning. * Prometheus: Add interpolation for built-in-time variables to backend. * Tempo: Add ability to upload trace data in JSON format. * TimeSeries/XYChart: Allow grid lines visibility control in XYChart and TimeSeries panels. * Transformations: Convert field types to time string number or boolean. * Value mappings: Add regular-expression based value mapping. * Zipkin: Add ability to upload trace JSON. * Admin: Prevent user from deleting user's current/active organization. * LibraryPanels: Fix library panel getting saved in the dashboard's folder. * OAuth: Make generic teams URL and JMES path configurable. * QueryEditor: Fix broken copy-paste for mouse middle-click * Thresholds: Fix undefined color in 'Add threshold'. * Timeseries: Add wide-to-long, and fix multi-frame output. * TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set to All. * Grafana UI: Fix TS error property css is missing in type.
• Update to version 8.1.8
• Update to version 8.1.7 * Alerting: Fix alerts with evaluation interval more than 30 seconds resolving before notification. * Elasticsearch/Prometheus: Fix usage of proper SigV4 service namespace.
• Update to version 8.1.6 + Security: Fixes CVE-2021-39226.
• Update to version 8.1.5 * BarChart: Fixes panel error that happens on second refresh.
• Update to version 8.1.4 + Features and enhancements * Explore: Ensure logs volume bar colors match legend colors. * LDAP: Search all DNs for users. * Alerting: Fix notification channel migration. * Annotations: Fix blank panels for queries with unknown data sources. * BarChart: Fix stale values and x axis labels. * Graph: Make old graph panel thresholds work even if ngalert is enabled. * InfluxDB: Fix regex to identify / as separator. * LibraryPanels: Fix update issues related to library panels in rows. * Variables: Fix variables not updating inside a Panel when the preceding Row uses 'Repeat For'.
• Update to version 8.1.3 + Bug fixes * Alerting: Fix alert flapping in the internal alertmanager. * Alerting: Fix request handler failed to convert dataframe 'results' to plugins.DataTimeSeriesSlice: input frame is not recognized as a time series. * Dashboard: Fix UIDs are not preserved when importing/creating dashboards thru importing .json file. * Dashboard: Forces panel re-render when exiting panel edit. * Dashboard: Prevent folder from changing when navigating to general settings. * Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix CVE-2021-3711. * Elasticsearch: Fix metric names for alert queries. * Elasticsearch: Limit Histogram field parameter to numeric values. * Elasticsearch: Prevent pipeline aggregations to show up in terms order by options. * LibraryPanels: Prevent duplicate repeated panels from being created. * Loki: Fix ad-hoc filter in dashboard when used with parser. * Plugins: Track signed files + add warn log for plugin assets which are not signed. * Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly. * Prometheus: Fix validate selector in metrics browser. * Security: Fix stylesheet injection vulnerability. * Security: Fix short URL vulnerability.
• Update to version 8.1.2 * AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers. * Datasource: Change HTTP status code for failed datasource health check to 400. * Explore: Add span duration to left panel in trace viewer. * Plugins: Use file extension allowlist when serving plugin assets instead of checking for UNIX executable. * Profiling: Add support for binding pprof server to custom network interfaces. * Search: Make search icon keyboard navigable. * Template variables: Keyboard navigation improvements. * Tooltip: Display ms within minute time range. * Alerting: Fix saving LINE contact point. * Annotations: Fix alerting annotation coloring. * Annotations: Alert annotations are now visible in the correct Panel. * Auth: Hide SigV4 config UI and disable middleware when its config flag is disabled. * Dashboard: Prevent incorrect panel layout by comparing window width against theme breakpoints. * Explore: Fix showing of full log context. * PanelEdit: Fix 'Actual' size by passing the correct panel size to Dashboard. * Plugins: Fix TLS datasource settings. * Variables: Fix issue with empty drop downs on navigation. * Variables: Fix URL util converting false into true. * Toolkit: Fix matchMedia not found error.
• Update to version 8.1.1 * CloudWatch Logs: Fix crash when no region is selected.
• Update to version 8.1.0 * Alerting: Deduplicate receivers during migration. * ColorPicker: Display colors as RGBA. * Select: Make portalling the menu opt-in, but opt-in everywhere. * TimeRangePicker: Improve accessibility. * Annotations: Correct annotations that are displayed upon page refresh. * Annotations: Fix Enabled button that disappeared from Grafana v8.0.6. * Annotations: Fix data source template variable that was not available for annotations. * AzureMonitor: Fix annotations query editor that does not load. * Geomap: Fix scale calculations. * GraphNG: Fix y-axis autosizing. * Live: Display stream rate and fix duplicate channels in list * Loki: Update labels in log browser when time range changes in dashboard. * NGAlert: Send resolve signal to alertmanager on alerting -> Normal. * PasswordField: Prevent a password from being displayed when you click the Enter button. * Renderer: Remove debug.log file when Grafana is stopped. * Security: Update dependencies to fix CVE-2021-36222.
• Update to version 8.1.0-beta3 * Alerting: Support label matcher syntax in alert rule list filter. * IconButton: Put tooltip text as aria-label. * Live: Experimental HA with Redis. * UI: FileDropzone component. * CloudWatch: Add AWS LookoutMetrics. * Docker: Fix builds by delaying go mod verify until all required files are copied over. * Exemplars: Fix disable exemplars only on the query that failed. * SQL: Fix SQL dataframe resampling (fill mode + time intervals).
• Update to version 8.1.0-beta2 * Alerting: Expand the value string in alert annotations and * Auth: Add Azure HTTP authentication middleware. * Auth: Auth: Pass user role when using the authentication proxy. * Gazetteer: Update countries.json file to allow for linking to 3-letter country codes. * Config: Fix Docker builds by correcting formatting in sample.ini. * Explore: Fix encoding of internal URLs.
• Update to version 8.1.0-beta1 * Alerting: Add Alertmanager notifications tab. * Alerting: Add button to deactivate current Alertmanager * Alerting: Add toggle in Loki/Prometheus data source configuration to opt out of alerting UI. * Alerting: Allow any 'evaluate for' value >=0 in the alert rule form. * Alerting: Load default configuration from status endpoint, if Cortex Alertmanager returns empty user configuration. * Alerting: view to display alert rule and its underlying data. * Annotation panel: Release the annotation panel. * Annotations: Add typeahead support for tags in built-in annotations. * AzureMonitor: Add curated dashboards for Azure services. * AzureMonitor: Add support for deep links to Microsoft Azure portal for Metrics. * AzureMonitor: Remove support for different credentials for Azure Monitor Logs. * AzureMonitor: Support querying any Resource for Logs queries. * Elasticsearch: Add frozen indices search support. * Elasticsearch: Name fields after template variables values instead of their name. * Elasticsearch: add rate aggregation. * Email: Allow configuration of content types for email notifications. * Explore: Add more meta information when line limit is hit. * Explore: UI improvements to trace view. * FieldOverrides: Added support to change display name in an override field and have it be matched by a later rule. * HTTP Client: Introduce dataproxy_max_idle_connections config variable. * InfluxDB: InfluxQL: adds tags to timeseries data. * InfluxDB: InfluxQL: make measurement search case insensitive. Legacy Alerting: Replace simplejson with a struct in webhook notification channel. * Legend: Updates display name for Last (not null) to just Last*. * Logs panel: Add option to show common labels. * Loki: Add $__range variable. * Loki: Add support for 'label_values(log stream selector, label)' in templating. * Loki: Add support for ad-hoc filtering in dashboard. * MySQL Datasource: Add timezone parameter. * NodeGraph: Show gradient fields in legend. * PanelOptions: Don't mutate panel options/field config object when updating. * PieChart: Make pie gradient more subtle to match other charts. * Prometheus: Update PromQL typeahead and highlighting. * Prometheus: interpolate variable for step field. * Provisioning: Improve validation by validating across all dashboard providers. * SQL Datasources: Allow multiple string/labels columns with time series. * Select: Portal select menu to document.body. * Team Sync: Add group mapping to support team sync in the Generic OAuth provider. * Tooltip: Make active series more noticeable. * Tracing: Add support to configure trace to logs start and end time. * Transformations: Skip merge when there is only a single data frame. * ValueMapping: Added support for mapping text to color, boolean values, NaN and Null. Improved UI for value mapping. * Visualizations: Dynamically set any config (min, max, unit, color, thresholds) from query results. * live: Add support to handle origin without a value for the port when matching with root_url. * Alerting: Handle marshaling Inf values. * AzureMonitor: Fix macro resolution for template variables. * AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes resources. * AzureMonitor: Request and concat subsequent resource pages. * Bug: Fix parse duration for day. * Datasources: Improve error handling for error messages. * Explore: Correct the functionality of shift-enter shortcut across all uses. * Explore: Show all dataFrames in data tab in Inspector. * GraphNG: Fix Tooltip mode 'All' for XYChart. * Loki: Fix highlight of logs when using filter expressions with backticks. * Modal: Force modal content to overflow with scroll. * Plugins: Ignore symlinked folders when verifying plugin signature. * Toolkit: Improve error messages when tasks fail.
• Update to version 8.0.7
• Update to version 8.0.6 * Alerting: Add annotation upon alert state change. * Alerting: Allow space in label and annotation names. * InfluxDB: Improve legend labels for InfluxDB query results. * Alerting: Fix improper alert by changing the handling of empty labels. * CloudWatch/Logs: Reestablish Cloud Watch alert behavior. * Dashboard: Avoid migration breaking on fieldConfig without defaults field in folded panel. * DashboardList: Fix issue not re-fetching dashboard list after variable change. * Database: Fix incorrect format of isolation level configuration parameter for MySQL. * InfluxDB: Correct tag filtering on InfluxDB data. * Links: Fix links that caused a full page reload. * Live: Fix HTTP error when InfluxDB metrics have an incomplete or asymmetrical field set. * Postgres/MySQL/MSSQL: Change time field to 'Time' for time series queries. * Postgres: Fix the handling of a null return value in query * Tempo: Show hex strings instead of uints for IDs. * TimeSeries: Improve tooltip positioning when tooltip overflows. * Transformations: Add 'prepare time series' transformer.
• Update to version 8.0.5 * Cloudwatch Logs: Send error down to client. * Folders: Return 409 Conflict status when folder already exists. * TimeSeries: Do not show series in tooltip if it's hidden in the viz. * AzureMonitor: Fix issue where resource group name is missing on the resource picker button. * Chore: Fix AWS auth assuming role with workspace IAM. * DashboardQueryRunner: Fixes unrestrained subscriptions being * DateFormats: Fix reading correct setting key for use_browser_locale. * Links: Fix links to other apps outside Grafana when under sub path. * Snapshots: Fix snapshot absolute time range issue. * Table: Fix data link color. * Time Series: Fix X-axis time format when tick increment is larger than a year. * Tooltip Plugin: Prevent tooltip render if field is undefined.
• Update to version 8.0.4 * Live: Rely on app url for origin check. * PieChart: Sort legend descending, update placeholder. * TimeSeries panel: Do not reinitialize plot when thresholds mode change. * Elasticsearch: Allow case sensitive custom options in date_histogram interval. * Elasticsearch: Restore previous field naming strategy when using variables. * Explore: Fix import of queries between SQL data sources. * InfluxDB: InfluxQL query editor: fix retention policy handling. * Loki: Send correct time range in template variable queries. * TimeSeries: Preserve RegExp series overrides when migrating from old graph panel.
• Update to version 8.0.3 * Alerting: Increase alertmanager_conf column if MySQL. * Time series/Bar chart panel: Handle infinite numbers as nulls when converting to plot array. * TimeSeries: Ensure series overrides that contain color are migrated, and migrate the previous fieldConfig when changing the panel type. * ValueMappings: Improve singlestat value mappings migration. * Annotations: Fix annotation line and marker colors. * AzureMonitor: Fix KQL template variable queries without default workspace. * CloudWatch/Logs: Fix missing response data for log queries. * LibraryPanels: Fix crash in library panels list when panel plugin is not found. * LogsPanel: Fix performance drop when moving logs panel in * Loki: Parse log levels when ANSI coloring is enabled. * MSSQL: Fix issue with hidden queries still being executed. * PanelEdit: Display the VisualizationPicker that was not displayed if a panel has an unknown panel plugin. * Plugins: Fix loading symbolically linked plugins. * Prometheus: Fix issue where legend name was replaced with name Value in stat and gauge panels. * State Timeline: Fix crash when hovering over panel.
• Update to version 8.0.2 * Datasource: Add support for max_conns_per_host in dataproxy settings. * Configuration: Fix changing org preferences in FireFox. * PieChart: Fix legend dimension limits. * Postgres/MySQL/MSSQL: Fix panic in concurrent map writes. * Variables: Hide default data source if missing from regex.
• Update to version 8.0.1 * Alerting/SSE: Fix 'count_non_null' reducer validation. * Cloudwatch: Fix duplicated time series. * Cloudwatch: Fix missing defaultRegion. * Dashboard: Fix Dashboard init failed error on dashboards with old singlestat panels in collapsed rows. * Datasource: Fix storing timeout option as numeric. * Postgres/MySQL/MSSQL: Fix annotation parsing for empty * Postgres/MySQL/MSSQL: Numeric/non-string values are now returned from query variables. * Postgres: Fix an error that was thrown when the annotation query did not return any results. * StatPanel: Fix an issue with the appearance of the graph when switching color mode. * Visualizations: Fix an issue in the Stat/BarGauge/Gauge/PieChart panels where all values mode were showing the same name if they had the same value. * Toolkit: Resolve external fonts when Grafana is served from a sub path.
• Update to version 8.0.0 * The following endpoints were deprecated for Grafana v5.0 and support for them has now been removed: GET /dashboards/db/:slug GET /dashboard-solo/db/:slug GET /api/dashboard/db/:slug DELETE /api/dashboards/db/:slug * AzureMonitor: Require default subscription for workspaces() template variable query. * AzureMonitor: Use resource type display names in the UI. * Dashboard: Remove support for loading and deleting dashboard by slug. * InfluxDB: Deprecate direct browser access in data source. * VizLegend: Add a read-only property. * AzureMonitor: Fix Azure Resource Graph queries in Azure China. * Checkbox: Fix vertical layout issue with checkboxes due to fixed height. * Dashboard: Fix Table view when editing causes the panel data to not update. * Dashboard: Fix issues where unsaved-changes warning is not displayed. * Login: Fixes Unauthorized message showing when on login page or snapshot page. * NodeGraph: Fix sorting markers in grid view. * Short URL: Include orgId in generated short URLs. * Variables: Support raw values of boolean type.
• Update to version 8.0.0-beta3 * The default HTTP method for Prometheus data source is now POST. * API: Support folder UID in dashboards API. * Alerting: Add support for configuring avatar URL for the Discord notifier. * Alerting: Clarify that Threema Gateway Alerts support only Basic IDs. * Azure: Expose Azure settings to external plugins. * AzureMonitor: Deprecate using separate credentials for Azure Monitor Logs. * AzureMonitor: Display variables in resource picker for Azure * AzureMonitor: Hide application insights for data sources not using it. * AzureMonitor: Support querying subscriptions and resource groups in Azure Monitor Logs. * AzureMonitor: remove requirement for default subscription. * CloudWatch: Add Lambda@Edge Amazon CloudFront metrics. * CloudWatch: Add missing AWS AppSync metrics. * ConfirmModal: Auto focus delete button. * Explore: Add caching for queries that are run from logs * Loki: Add formatting for annotations. * Loki: Bring back processed bytes as meta information. * NodeGraph: Display node graph collapsed by default with trace view. * Overrides: Include a manual override option to hide something from visualization. * PieChart: Support row data in pie charts. * Prometheus: Update default HTTP method to POST for existing data sources. * Time series panel: Position tooltip correctly when window is scrolled or resized. * Admin: Fix infinite loading edit on the profile page. * Color: Fix issues with random colors in string and date * Dashboard: Fix issue with title or folder change has no effect after exiting settings view. * DataLinks: Fix an issue __series.name is not working in data link. * Datasource: Fix dataproxy timeout should always be applied for outgoing data source HTTP requests. * Elasticsearch: Fix NewClient not passing httpClientProvider to client impl. * Explore: Fix Browser title not updated on Navigation to Explore. * GraphNG: Remove fieldName and hideInLegend properties from UPlotSeriesBuilder. * OAuth: Fix fallback to auto_assign_org_role setting for Azure AD OAuth when no role claims exists. * PanelChrome: Fix issue with empty panel after adding a non data panel and coming back from panel edit. * StatPanel: Fix data link tooltip not showing for single value. * Table: Fix sorting for number fields. * Table: Have text underline for datalink, and add support for image datalink. * Transformations: Prevent FilterByValue transform from crashing panel edit.
• Update to version 8.0.0-beta2 * AppPlugins: Expose react-router to apps. * AzureMonitor: Add Azure Resource Graph. * AzureMonitor: Managed Identity configuration UI. * AzureMonitor: Token provider with support for Managed Identities. * AzureMonitor: Update Logs workspace() template variable query to return resource URIs. * BarChart: Value label sizing. * CloudMonitoring: Add support for preprocessing. * CloudWatch: Add AWS/EFS StorageBytes metric. * CloudWatch: Allow use of missing AWS namespaces using custom * Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy. * InfluxDB: InfluxQL: allow empty tag values in the query editor. * Instrumentation: Instrument incoming HTTP request with histograms by default. * Library Panels: Add name endpoint & unique name validation to AddLibraryPanelModal. * Logs panel: Support details view. * PieChart: Always show the calculation options dropdown in the * PieChart: Remove beta flag. * Plugins: Enforce signing for all plugins. * Plugins: Remove support for deprecated backend plugin protocol version. * Tempo/Jaeger: Add better display name to legend. * Timeline: Add time range zoom. * Timeline: Adds opacity & line width option. * Timeline: Value text alignment option. * ValueMappings: Add duplicate action, and disable dismiss on backdrop click. * Zipkin: Add node graph view to trace response. * Annotations panel: Remove subpath from dashboard links. * Content Security Policy: Allow all image sources by default. * Content Security Policy: Relax default template wrt. loading of scripts, due to nonces not working. * Datasource: Fix tracing propagation for alert execution by introducing HTTP client outgoing tracing middleware. * InfluxDB: InfluxQL always apply time interval end. * Library Panels: Fixes 'error while loading library panels'. * NewsPanel: Fixes rendering issue in Safari. * PanelChrome: Fix queries being issued again when scrolling in and out of view. * Plugins: Fix Azure token provider cache panic and auth param nil value. * Snapshots: Fix key and deleteKey being ignored when creating an external snapshot. * Table: Fix issue with cell border not showing with colored background cells. * Table: Makes tooltip scrollable for long JSON values. * TimeSeries: Fix for Connected null values threshold toggle during panel editing. * Variables: Fixes inconsistent selected states on dashboard * Variables: Refreshes all panels even if panel is full screen. * QueryField: Remove carriage return character from pasted text.
• Update to version 8.0.0-beta1 + License update: * AGPL License: Update license from Apache 2.0 to the GNU Affero General Public License (AGPL). * Removes the never refresh option for Query variables. * Removes the experimental Tags feature for Variables. + Deprecations: * The InfoBox & FeatureInfoBox are now deprecated please use the Alert component instead with severity info. * API: Add org users with pagination. * API: Return 404 when deleting nonexistent API key. * API: Return query results as JSON rather than base64 encoded Arrow. * Alerting: Allow sending notification tags to Opsgenie as extra properties. * Alerts: Replaces all uses of InfoBox & FeatureInfoBox with Alert. * Auth: Add support for JWT Authentication. * AzureMonitor: Add support for Microsoft.SignalRService/SignalR metrics. * AzureMonitor: Azure settings in Grafana server config. * AzureMonitor: Migrate Metrics query editor to React. * BarChart panel: enable series toggling via legend. * BarChart panel: Adds support for Tooltip in BarChartPanel. * PieChart panel: Change look of highlighted pie slices. * CloudMonitoring: Migrate config editor from angular to react. * CloudWatch: Add Amplify Console metrics and dimensions. * CloudWatch: Add missing Redshift metrics to CloudWatch data * CloudWatch: Add metrics for managed RabbitMQ service. * DashboardList: Enable templating on search tag input. * Datasource config: correctly remove single custom http header. * Elasticsearch: Add generic support for template variables. * Elasticsearch: Allow omitting field when metric supports inline script. * Elasticsearch: Allow setting a custom limit for log queries. * Elasticsearch: Guess field type from first non-empty value. * Elasticsearch: Use application/x-ndjson content type for multisearch requests. * Elasticsearch: Use semver strings to identify ES version. * Explore: Add logs navigation to request more logs. * Explore: Map Graphite queries to Loki. * Explore: Scroll split panes in Explore independently. * Explore: Wrap each panel in separate error boundary. * FieldDisplay: Smarter naming of stat values when visualising row values (all values) in stat panels. * Graphite: Expand metric names for variables. * Graphite: Handle unknown Graphite functions without breaking the visual editor. * Graphite: Show graphite functions descriptions. * Graphite: Support request cancellation properly (Uses new backendSrv.fetch Observable request API). * InfluxDB: Flux: Improve handling of complex response-structures. * InfluxDB: Support region annotations. * Inspector: Download logs for manual processing. * Jaeger: Add node graph view for trace. * Jaeger: Search traces. * Loki: Use data source settings for alerting queries. * NodeGraph: Exploration mode. * OAuth: Add support for empty scopes. * PanelChrome: New logic-less emotion based component with no dependency on PanelModel or DashboardModel. * PanelEdit: Adds a table view toggle to quickly view data in table form. * PanelEdit: Highlight matched words when searching options. * PanelEdit: UX improvements. * Plugins: PanelRenderer and simplified QueryRunner to be used from plugins. * Plugins: AuthType in route configuration and params interpolation. * Plugins: Enable plugin runtime install/uninstall capabilities. * Plugins: Support set body content in plugin routes. * Plugins: Introduce marketplace app. * Plugins: Moving the DataSourcePicker to grafana/runtime so it can be reused in plugins. * Prometheus: Add custom query params for alert and exemplars * Prometheus: Use fuzzy string matching to autocomplete metric names and label. * Routing: Replace Angular routing with react-router. * Slack: Use chat.postMessage API by default. * Tempo: Search for Traces by querying Loki directly from Tempo. * Tempo: Show graph view of the trace. * Themes: Switch theme without reload using global shortcut. * TimeSeries panel: Add support for shared cursor. * TimeSeries panel: Do not crash the panel if there is no time series data in the response. * Variables: Do not save repeated panels, rows and scopedVars. * Variables: Removes experimental Tags feature. * Variables: Removes the never refresh option. * Visualizations: Unify tooltip options across visualizations. * Visualizations: Refactor and unify option creation between new visualizations. * Visualizations: Remove singlestat panel. * APIKeys: Fixes issue with adding first api key. * Alerting: Add checks for non supported units - disable defaulting to seconds. * Alerting: Fix issue where Slack notifications won't link to user IDs. * Alerting: Omit empty message in PagerDuty notifier. * AzureMonitor: Fix migration error from older versions of App Insights queries. * CloudWatch: Fix AWS/Connect dimensions. * CloudWatch: Fix broken AWS/MediaTailor dimension name. * Dashboards: Allow string manipulation as advanced variable format option. * DataLinks: Includes harmless extended characters like Cyrillic characters. * Drawer: Fixes title overflowing its container. * Explore: Fix issue when some query errors were not shown. * Generic OAuth: Prevent adding duplicated users. * Graphite: Handle invalid annotations. * Graphite: Fix autocomplete when tags are not available. * InfluxDB: Fix Cannot read property 'length' of undefined in when parsing response. * Instrumentation: Enable tracing when Jaeger host and port are * Instrumentation: Prefix metrics with grafana. * MSSQL: By default let driver choose port. * OAuth: Add optional strict parsing of role_attribute_path. * Panel: Fixes description markdown with inline code being rendered on newlines and full width. * PanelChrome: Ignore data updates & errors for non data panels. * Permissions: Fix inherited folder permissions can prevent new permissions being added to a dashboard. * Plugins: Remove pre-existing plugin installs when installing with grafana-cli. * Plugins: Support installing to folders with whitespace and fix pluginUrl trailing and leading whitespace failures. * Postgres/MySQL/MSSQL: Don't return connection failure details to the client. * Postgres: Fix ms precision of interval in time group macro when TimescaleDB is enabled. * Provisioning: Use dashboard checksum field as change indicator. * SQL: Fix so that all captured errors are returned from sql engine. * Shortcuts: Fixes panel shortcuts so they always work. * Table: Fixes so border is visible for cells with links. * Variables: Clear query when data source type changes. * Variables: Filters out builtin variables from unknown list. * Button: Introduce buttonStyle prop. * DataQueryRequest: Remove deprecated props showingGraph and showingTabel and exploreMode. * grafana/ui: Update React Hook Form to v7. * IconButton: Introduce variant for red and blue icon buttons. * Plugins: Expose the getTimeZone function to be able to get the current selected timeZone. * TagsInput: Add className to TagsInput. * VizLegend: Move onSeriesColorChanged to PanelContext (breaking change).
• Update to version 7.5.13 * Alerting: Fix NoDataFound for alert rules using AND operator.

• Version 4.2.8-1 * Fix the condition for preventing building python 2 subpackage for SLE15 (bsc#1197579)
• Version 4.2.7-1 * Fix installation problem for SLE15SP4 due missing python-selinux

• Version 4.2.8-1 * Fix the condition for preventing building python 2 subpackage for SLE15

• Version 4.2.5-1 * Fix the condition for preventing building python 2 subpackage for SLE15

• Version 4.2.4-1 * Fix the condition for preventing building python 2 subpackage for SLE15

• Version 0.10.0 * Added hardening to systemd service(s) with changes to `prometheus-postgres_exporter.service` (bsc#1181400) * Package rename from golang-github-wrouesnel-postgres_exporter (jsc#SLE-23051)

• Version 4.2.6-1 * Fix the condition for preventing building python 2 subpackage for SLE15

• Version 4.2.16-1 * implement system.bootstrap (bsc#1194909) * Fix interactive mode for 'system_applyerrata' and 'errata_apply' (bsc#1194363)

• Version 4.2.18-1 * Fix the condition for preventing building python 2 subpackage for SLE15
• Version 4.2.17-1 * Update translation strings

• Version 4.2.6-1 * Fix the condition for preventing building python 2 subpackage for SLE15

• Version 4.2.4-1 * Fix the condition for preventing building python 2 subpackage for SLE15

• Version 4.2.6-1 * Fix the condition for preventing building python 2 subpackage for SLE15

Maintenance update for SUSE Manager 4.2: Server and Proxy
This is a codestream only update.

This update for podman fixes the following issues:

• Fixed breakage on some setups of rootless containers after the last major update (bsc#1196751).

This feature update for glm fixes the following issues:
Update from version 0.9.7.5 to version 0.9.9.8 (jsc#SLE-23864):

• Added CMake GLM interface
• Added EXT_scalar_integer extension with power of two and multiple scalar functions
• Added EXT_vector_integer extension with power of two and multiple vector functions
• Added GLM_FORCE_QUAT_DATA_WXYZ to store quat data as w,x,y,z instead of x,y,z,w
• Added Neon support
• Added SYCL support
• Added fma implementation based on std::fma
• Added missing genType check for bitCount and bitfieldReverse
• Added missing quat constexpr
• Ensure glmConfig.cmake gets installed
• Fixed 'if constexpr' warning
• Fixed .natvis due to renamed structs
• Fixed ARM 64bit detection
• Fixed Nvidia CUDA 9 build
• Fixed Clang or GCC build due to wrong GLM_HAS_IF_CONSTEXPR definition
• Fixed EXT_matrix_clip_space perspectiveFov
• Fixed EXT_scalar_ulp and EXT_vector_ulp API coding style
• Fixed GLM_EXT_matrix_clip_space warnings
• Fixed GLM_HAS_CXX11_STL broken on Clang with Linux
• Fixed Wimplicit-int-float-conversion warnings with clang 10+
• Fixed build errors when defining GLM_ENABLE_EXPERIMENTAL
• Fixed equal ULP variation when using negative sign
• Fixed for g++6 where -std=c++1z sets __cplusplus to 201500 instead of 201402
• Fixed for glm::length using arch64
• Fixed for intersection ray/plane and added related tests
• Fixed hash hashes 'qua' instead of 'tquat'
• Fixed ldexp and frexp declaration
• Fixed missing const to quaternion conversion operators
• Fixed missing declarations for 'frexp' and 'ldexp'
• Fixed quaternion componant order: w, {x, y, z}
• Fixed quaternion slerp overload which interpolates with extra spins
• Fixed singularity check for quatLookAt
• Improved Neon support with more functions optimized

This update for ppp fixes the following issues:

• Fix package building issues (bsc#1197799)

This update for ocfs2-tools fixes the following issues:

• Prevent attempt to lock cluster after replaying journals if -F is given (bsc#1196705)

This update for autofs fixes the following issues:

• Fix problem with quote handling (bsc#1181715)
• Fix locking problem that causes deadlock when sss is used (bsc#1196485)
• Suppress portmap calls when port explicitly given (bsc#1195697)

This update for gcc11 fixes the following issues:

• Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from packages provided by older GCC work. Add a requires from that package to the corresponding libstc++6 package to keep those at the same version. [bsc#1196107]
• Fixed memory corruption when creating dependences with the D language frontend.
• Add gcc11-PIE, similar to gcc-PIE but affecting gcc11 [bsc#1195628]
• Put libstdc++6-pp Requires on the shared library and drop to Recommends.

This update for go1.18 fixes the following issues:

• CVE-2022-24675: Fixed a stack overlow in Decode() in encoding/pem (bsc#1198423).
• CVE-2022-28327: Fixed a crash due to refused oversized scalars in generic P-256 (bsc#1198424).
• CVE-2022-27536: Fixed a crash in Certificate.Verify in crypto/x509 (bsc#1198427).

This update for go1.17 fixes the following issues:

• Updated to version 1.17.9 (bsc#1190649): - CVE-2022-24675: Fixed a stack overflow via crafted PEM file (bsc#1198423). - CVE-2022-28327: Fixed a potential panic when using big P-256 scalars in the crypto/elliptic module (bsc#1198424).

This update for ant fixes the following issues:

• CVE-2021-36373: Fixed an excessive memory allocation when reading a specially crafted TAR archive (bsc#1188468).
• CVE-2021-36374: Fixed an excessive memory allocation when reading a specially crafted ZIP archive (bsc#1188469).

This update for lifecycle-data-sle-module-live-patching fixes the following issues:
Lifecycle data update. (bsc#1020320)

• Added data for 4_12_14-150_83, 4_12_14-150_86, 4_12_14-197_105, 4_12_14-197_108, 5_3_18-150300_59_46, 5_3_18-150300_59_49, 5_3_18-150300_59_54, 5_3_18-24_102, 5_3_18-24_107.

This update for glib2-branding fixes the following issues:

• Change the default `LibreOffice Startcenter` entry to `libreoffice-startcenter.desktop` and provide the missing favorite link. (bsc#1195836)

This update for pacemaker fixes the following issues:

• Pacemaker high resolution timestamps. (bsc#1197668)

This update for cifs-utils fixes the following issues:

• CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).

This update for webkit2gtk3 fixes the following issues:
Update to version 2.36.0 (bsc#1198290):

• CVE-2022-22624: Fixed use after free that may lead to arbitrary code execution.
• CVE-2022-22628: Fixed use after free that may lead to arbitrary code execution.
• CVE-2022-22629: Fixed a buffer overflow that may lead to arbitrary code execution.
• CVE-2022-22637: Fixed an unexpected cross-origin behavior due to a logic error.

• CVE-2022-22594: Fixed a cross-origin issue in the IndexDB API.

This update for firewalld, golang-github-prometheus-prometheus fixes the following issues:
Security fixes for golang-github-prometheus-prometheus:

• CVE-2022-21698: Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods (bsc#1196338).

• Build `firewalld-prometheus-config` only for SUSE Linux Enterprise 15, 15-SP1 and 15-SP2, and require `firewalld`.
• Only recommends `firewalld-prometheus-config` as prometheus does not require it to run.
• Create `firewalld-prometheus-config` subpackage (bsc#1197042, jsc#SLE-24373, jsc#SLE-24374, jsc#SLE-24375)

• Provide dummy `firewalld-prometheus-config` package (bsc#1197042)

This update for libaom fixes the following issues:

• CVE-2021-30473: AOMedia in aom_image.c frees memory that is not located on the heap (bsc#1185778).

This update for buildah fixes the following issues:

• CVE-2022-27651: Fixed incorrect default inheritable capabilities for linux container (bsc#1197870).

• add workaround for https://bugzilla.opensuse.org/show_bug.cgi?id=1183043

This update for systemd-presets-common-SUSE fixes the following issue:

• enable vgauthd service for VMWare by default (bsc#1195251)

This update for binutils fixes the following issues:

• The official name IBM z16 for IBM zSeries arch14 is recognized. (bsc#1198237)

This update for patterns-public-cloud-15 fixes the following issues:

• Fix pattern migration issue from SLE 12 to SLE 15. (bsc#1196122)

This update for python-paramiko fixes the following issues:

• CVE-2022-24302: Fixed a race condition between creation and chmod when writing private keys. (bsc#1197279)

This update for osinfo-db fixes the following issues:

• Update to database version 20220214
• Request support for SLE15-SP4 in the osinfo database. (bsc#1197958)
• Add support for SUSE linux Enterprise Micro 5.2
• openSUSE Tumbleweed unattended installation with libvirt fails (bsc#1196965, bsc#1188336)
• Dev: Support Oracle Linux as a guest VM. (jsc#SLE-17764, bsc#1192238)
• Fix AutoYaST profiles to pass the validation during installation. (bsc#1182144)
• Add support for openSUSE Leap 15.4, SLE15-SP4, and SLEM 5.1 (bsc#1188692)

This update for openmpi3 fixes the following issues:

• Fix bad rdma component selection which can cause stall when running on multiple IB nodes. (bsc#1196838)
• Move rpm macros to %_rpmmacrodir. (bsc#1191390)
• Add build support for gcc8/9/10 to HPC build. (bsc#1174439)

This update for perl fixes the following issues:

• Fix Socket::VERSION evaluation and stabilize Socket:VERSION comparisons (bsc#1193489)

This update for python-pip fixes the following issues:

• Add wheel subpackage with the generated wheel for this package (bsc#1176262, CVE-2019-20916).

• Make wheel a separate build run to avoid the setuptools/wheel build cycle.

• Switch this package to use update-alternatives for all files in %{_bindir} so it doesn't collide with the versions on 'the latest' versions of Python interpreter (jsc#SLE-18038, bsc#1195831).

This update for postgresql12 fixes the following issues:

• Upgrade to 12.10: (bsc#1195680) * https://www.postgresql.org/docs/12/release-12-10.html * Reindexing might be needed after applying this upgrade, so please read the release notes carefully.
• Add constraints file with 12GB of memory for s390x as a workaround. (bsc#1190740)

• Add a llvmjit-devel subpackage to pull in the right versions of clang and llvm for building extensions.
• Fix some mistakes in the interdependencies between the implementation packages and their noarch counterpart.
• Update the BuildIgnore section.

This update for postgresql fixes the following issues:

• Fix the pg_server_requires macro on older rpm versions (SLE-12)
• Avoid a dependency on awk in postgresql-script.
• Move the dependency of llvmjit-devel on clang and llvm to the implementation packages where we can depend on the correct versions.
• Fix postgresql_has_llvm usage
• First round of changes to make it easier to build extensions for - add postgresql-llvmjit-devel subpackage: This package will pull in clang and llvm if the distro has a recent enough version, otherwise it will just pull postgresql-server-devel. - add postgresql macros to the postgresql-server-devel package those cover all the variables from pg_config and some macros to remove repitition from the spec files
• Bump version to 14. (bsc#1195680)

This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent fixes the following issues:

• Update to version 20220204.00. (bsc#1195437, bsc#1195438) * remove han from owners (#154) * Remove extra slash from metadata URL. (#151)
• from version 20220104.00 * List IPv6 routes (#150)
• from version 20211228.00 * add add or remove route integration test, utils (#147)
• from version 20211214.00 * add malformed ssh key unit test (#142)

• Update to version 20220211.00. (bsc#1195437, bsc#1195438) * Set NVMe-PD IO timeout to 4294967295. (#32)

• Update to version 20220205.00. (bsc#1195437, bsc#1195438) * Fix build for EL9. (#82)
• from version 20211213.00 * Reauth error (#81)
• Rename Source0 field to Source
• Update URL in Source field to point to upstream tarball

• Update to version 20220209.00 (bsc#1195437, bsc#1195438) * Update licences, remove deprecated centos-8 tests (#414)

• Update to version 20220204.00 * Add DisableLocalLogging option (#413)
• from version 20220107.00 * OS assignment example: Copy file from bucket

This update for nodejs12 fixes the following issues:

• CVE-2022-0778: Fixed a infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
• CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247).
• CVE-2021-44907: Fixed a potential Denial of Service vulnerability in node-qs (bsc#1197283).
• CVE-2022-0235: Fixed an exposure of sensitive information to an unauthorized actor in node-fetch (bsc#1194819).

This update for nodejs14 fixes the following issues:

• CVE-2022-0778: Fixed a infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
• CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247).
• CVE-2021-44907: Fixed a potential Denial of Service vulnerability in node-qs (bsc#1197283).
• CVE-2022-0235: Fixed an exposure of sensitive information to an unauthorized actor in node-fetch (bsc#1194819).

This update for postgresql13 fixes the following issues:

• Upgrade to 14.2: (bsc#1195680) * https://www.postgresql.org/docs/14/release-14-2.html * Reindexing might be needed after applying this upgrade, so please read the release notes carefully.
• Add constraints file with 12GB of memory for s390x as a workaround. (bsc#1190740)
• Add a llvmjit-devel subpackage to pull in the right versions of clang and llvm for building extensions.
• Fix some mistakes in the interdependencies between the implementation packages and their noarch counterpart.
• Update the BuildIgnore section.

This update for strongswan fixes the following issues:

• Enable auth_els plugin (jsc#SLE-20151)

This update for libslirp fixes the following issues:

• CVE-2021-3592: Fixed invalid pointer initialization may lead to information disclosure (bootp) (bsc#1187364).
• CVE-2021-3594: Fixed invalid pointer initialization may lead to information disclosure (udp) (bsc#1187367).
• CVE-2021-3595: Fixed invalid pointer initialization may lead to information disclosure (tftp) (bsc#1187366).
• Fix a dhcp regression [bsc#1198773]

This update for python-Whoosh fixes the following issues:

• python-Whoosh won't compile on SP4 (bsc#1197830)
• Remove superfluous devel dependency for noarch package

This update for libcaca fixes the following issues:

• CVE-2022-0856: Fixed a divide by zero issue which could be exploited to cause an application crash (bsc#1197028).

This update for python-Twisted fixes the following issues:

• CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. (bsc#1198086)

This update for jasper fixes the following issues:

• CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757).
• CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
• CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
• CVE-2021-26926: Fixed an out of bounds read in jp2_decode() (bsc#1182105).

This update for collectd fixes the following issues:

• Adding new plugin rpm 'collect-plugin-dpdk' including the following modules (jsc#SLE-23472): - dpdkevent - dpdk_telemetry

This update for mdadm fixes the following issues:

• Fix a boot failure with multipath if the reading the VPD page attribute fails and skip RAID assembly if it is set. (bsc#1196054)

This update for git fixes the following issues:

• Updated to version 2.35.3: - CVE-2022-24765: Fixed a potential command injection via git worktree (bsc#1198234).

This update for python39 fixes the following issues:

• CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819).

• Update to 3.9.10 (jsc#SLE-23849)

• Remove shebangs from from python-base libraries in _libdir. (bsc#1193179)

• Update to 3.9.9: * Core and Builtins + bpo-30570: Fixed a crash in issubclass() from infinite recursion when searching pathological __bases__ tuples. + bpo-45494: Fix parser crash when reporting errors involving invalid continuation characters. Patch by Pablo Galindo. + bpo-45385: Fix reference leak from descr_check. Patch by Dong-hee Na. + bpo-45167: Fix deepcopying of types.GenericAlias objects. + bpo-44219: Release the GIL while performing isatty system calls on arbitrary file descriptors. In particular, this affects os.isatty(), os.device_encoding() and io.TextIOWrapper. By extension, io.open() in text mode is also affected. This change solves a deadlock in os.isatty(). Patch by Vincent Michel in bpo-44219. + bpo-44959: Added fallback to extension modules with '.sl' suffix on HP-UX + bpo-44050: Extensions that indicate they use global state (by setting m_size to -1) can again be used in multiple interpreters. This reverts to behavior of Python 3.8. + bpo-45121: Fix issue where Protocol.__init__ raises RecursionError when it's called directly or via super(). Patch provided by Yurii Karabas. + bpo-45083: When the interpreter renders an exception, its name now has a complete qualname. Previously only the class name was concatenated to the module name, which sometimes resulted in an incorrect full name being displayed. + bpo-45738: Fix computation of error location for invalid continuation characters in the parser. Patch by Pablo Galindo. + Library + bpo-45678: Fix bug in Python 3.9 that meant functools.singledispatchmethod failed to properly wrap the attributes of the target method. Patch by Alex Waygood. + bpo-45679: Fix caching of multi-value typing.Literal. Literal[True, 2] is no longer equal to Literal[1, 2]. + bpo-45438: Fix typing.Signature string representation for generic builtin types. + bpo-45581: sqlite3.connect() now correctly raises MemoryError if the underlying SQLite API signals memory error. Patch by Erlend E. Aasland. + bpo-39679: Fix bug in functools.singledispatchmethod that caused it to fail when attempting to register a classmethod() or staticmethod() using type annotations. Patch contributed by Alex Waygood. + bpo-45515: Add references to zoneinfo in the datetime documentation, mostly replacing outdated references to dateutil.tz. Change by Paul Ganssle. + bpo-45467: Fix incremental decoder and stream reader in the 'raw-unicode-escape' codec. Previously they failed if the escape sequence was split. + bpo-45461: Fix incremental decoder and stream reader in the 'unicode-escape' codec. Previously they failed if the escape sequence was split. + bpo-45239: Fixed email.utils.parsedate_tz() crashing with UnboundLocalError on certain invalid input instead of returning None. Patch by Ben Hoyt. + bpo-44904: Fix bug in the doctest module that caused it to fail if a docstring included an example with a classmethod property. Patch by Alex Waygood. + bpo-45406: Make inspect.getmodule() catch FileNotFoundError raised by :'func:inspect.getabsfile, and return None to indicate that the module could not be determined. + bpo-45262: Prevent use-after-free in asyncio. Make sure the cached running loop holder gets cleared on dealloc to prevent use-after-free in get_running_loop + bpo-45386: Make xmlrpc.client more robust to C runtimes where the underlying C strftime function results in a ValueError when testing for year formatting options. + bpo-45371: Fix clang rpath issue in distutils. The UnixCCompiler now uses correct clang option to add a runtime library directory (rpath) to a shared library. + bpo-20028: Improve error message of csv.Dialect when initializing. Patch by Vajrasky Kok and Dong-hee Na. + bpo-45343: Update bundled pip to 21.2.4 and setuptools to 58.1.0 + bpo-41710: On Unix, if the sem_clockwait() function is available in the C library (glibc 2.30 and newer), the threading.Lock.acquire() method now uses the monotonic clock (time.CLOCK_MONOTONIC) for the timeout, rather than using the system clock (time.CLOCK_REALTIME), to not be affected by system clock changes. Patch by Victor Stinner. + bpo-45328: Fixed http.client.HTTPConnection to work properly in OSs that don't support the TCP_NODELAY socket option. + bpo-1596321: Fix the threading._shutdown() function when the threading module was imported first from a thread different than the main thread: no longer log an error at Python exit. + bpo-45274: Fix a race condition in the Thread.join() method of the threading module. If the function is interrupted by a signal and the signal handler raises an exception, make sure that the thread remains in a consistent state to prevent a deadlock. Patch by Victor Stinner. + bpo-45238: Fix unittest.IsolatedAsyncioTestCase.debug(): it runs now asynchronous methods and callbacks. + bpo-36674: unittest.TestCase.debug() raises now a unittest.SkipTest if the class or the test method are decorated with the skipping decorator. + bpo-45235: Fix an issue where argparse would not preserve values in a provided namespace when using a subparser with defaults. + bpo-45234: Fixed a regression in copyfile(), copy(), copy2() raising FileNotFoundError when source is a directory, which should raise IsADirectoryError + bpo-45228: Fix stack buffer overflow in parsing J1939 network address. + bpo-45192: Fix the tempfile._infer_return_type function so that the dir argument of the tempfile functions accepts an object implementing the os.PathLike protocol. + bpo-45160: When tracing a tkinter variable used by a ttk OptionMenu, callbacks are no longer made twice. + bpo-35474: Calling mimetypes.guess_all_extensions() with strict=False no longer affects the result of the following call with strict=True. Also, mutating the returned list no longer affects the global state. + bpo-45166: typing.get_type_hints() now works with Final wrapped in ForwardRef. + bpo-45097: Remove deprecation warnings about the loop argument in asyncio incorrectly emitted in cases when the user does not pass the loop argument. + bpo-45081: Fix issue when dataclasses that inherit from typing.Protocol subclasses have wrong __init__. Patch provided by Yurii Karabas. + bpo-24444: Fixed an error raised in argparse help display when help for an option is set to 1+ blank spaces or when choices arg is an empty container. + bpo-45021: Fix a potential deadlock at shutdown of forked children when using concurrent.futures module + bpo-45030: Fix integer overflow in pickling and copying the range iterator. + bpo-39039: tarfile.open raises ReadError when a zlib error occurs during file extraction. + bpo-44594: Fix an edge case of ExitStack and AsyncExitStack exception chaining. They will now match with block behavior when __context__ is explicitly set to None when the exception is in flight. * Documentation + bpo-45726: Improve documentation for functools.singledispatch() and functools.singledispatchmethod. + bpo-45680: Amend the docs on GenericAlias objects to clarify that non-container classes can also implement __class_getitem__. Patch contributed by Alex Waygood. + bpo-45655: Add a new 'relevant PEPs' section to the top of the documentation for the typing module. Patch by Alex Waygood. + bpo-45604: Add level argument to multiprocessing.log_to_stderr function docs. + bpo-45464: Mention in the documentation of Built-in Exceptions that inheriting from multiple exception types in a single subclass is not recommended due to possible memory layout incompatibility. + bpo-45449: Add note about PEP 585 in collections.abc. + bpo-45516: Add protocol description to the importlib.abc.Traversable documentation. + bpo-20692: Add Programming FAQ entry explaining that int literal attribute access requires either a space after or parentheses around the literal. + bpo-45216: Remove extra documentation listing methods in difflib. It was rendering twice in pydoc and was outdated in some places. + bpo-45772: socket.socket documentation is corrected to a class from a function. + bpo-45392: Update the docstring of the type built-in to remove a redundant line and to mention keyword arguments for the constructor. * Tests + bpo-45578: Add tests for dis.distb() + bpo-45577: Add subtests for all pickle protocols in test_zoneinfo. + bpo-43592: test.libregrtest now raises the soft resource limit for the maximum number of file descriptors when the default is too low for our test suite as was often the case on macOS. + bpo-40173: Fix test.support.import_helper.import_fresh_module(). + bpo-45280: Add a test case for empty typing.NamedTuple. + bpo-45269: Cover case when invalid markers type is supplied to c_make_encoder. + bpo-45209: Fix UserWarning: resource_tracker warning in _test_multiprocessing._TestSharedMemory.test_shared_memory_cleaned_after_process_termination + bpo-45195: Fix test_readline.test_nonascii(): sometimes, the newline character is not written at the end, so don't expect it in the output. Patch by Victor Stinner. + bpo-45156: Fixes infinite loop on unittest.mock.seal() of mocks created by create_autospec(). + bpo-45042: Fixes that test classes decorated with @hashlib_helper.requires_hashdigest were skipped all the time. + bpo-45235: Reverted an argparse bugfix that caused regression in the handling of default arguments for subparsers. This prevented leaf level arguments from taking precedence over root level arguments. + bpo-45765: In importlib.metadata, fix distribution discovery for an empty path. + bpo-45644: In-place JSON file formatting using python3 -m json.tool infile infile now works correctly, previously it left the file empty. Patch by Chris Wesseling. * Build + bpo-43158: setup.py now uses values from configure script to build the _uuid extension module. Configure now detects util-linux's libuuid, too. + bpo-45571: Modules/Setup now use PY_CFLAGS_NODIST instead of PY_CFLAGS to compile shared modules. + bpo-45532: Update sys.version to use main as fallback information. Patch by Jeong YunWon. + bpo-45405: Prevent internal configure error when running configure with recent versions of non-Apple clang. Patch by David Bohman. + bpo-45220: Avoid building with the Windows 11 SDK previews automatically. This may be overridden by setting the DefaultWindowsSDKVersion environment variable before building. * C API + bpo-44687: BufferedReader.peek() no longer raises ValueError when the entire file has already been buffered. + bpo-44751: Remove crypt.h include from the public Python.h header.

• rpm-build-python dependency is available on the current Factory, not with SLE.

• BuildRequire rpm-build-python: The provider to inject python(abi) has been moved there. rpm-build pulls rpm-build-python automatically in when building anything against python3-base, but this implies that the initial build of python3-base does not trigger the automatic installation.

• Update to 3.9.7: - Security - Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid a potential race condition. - Add auditing events to the marshal module, and stop raising code.__init__ events for every unmarshalled code object. Directly instantiated code objects will continue to raise an event, and audit event handlers should inspect or collect the raw marshal data. This reduces a significant performance overhead when loading from .pyc files. - Made the internal putcmd function in smtplib sanitize input for presence of \r and \n characters to avoid (unlikely) command injection. - Core and Builtins - Fixed pickling of range iterators that iterated for over 2**32 times. - Fix a race in WeakKeyDictionary, WeakValueDictionary and WeakSet when two threads attempt to commit the last pending removal. This fixes asyncio.create_task and fixes a data loss in asyncio.run where shutdown_asyncgens is not run - Fixed a corner case bug where the result of float.fromhex('0x.8p-1074') was rounded the wrong way. - Refine the syntax error for trailing commas in import statements. Patch by Pablo Galindo. - Restore behaviour of complex exponentiation with integer-valued exponent of type float or complex. - Correct the ast locations of f-strings with format specs and repeated expressions. Patch by Pablo Galindo - Use new trashcan macros (Py_TRASHCAN_BEGIN/END) in frameobject.c instead of the old ones (Py_TRASHCAN_SAFE_BEGIN/END). - Fix segmentation fault with deep recursion when cleaning method objects. Patch by Augusto Goulart and Pablo Galindo. - Fix bug where PyErr_SetObject hangs when the current exception has a cycle in its context chain. - Fix reference leaks in the error paths of update_bases() and __build_class__. Patch by Pablo Galindo. - Fix undefined behaviour in complex object exponentiation. - Remove uses of PyObject_GC_Del() in error path when initializing types.GenericAlias. - Remove the pass-through for hash() of weakref.proxy objects to prevent unintended consequences when the original referred object dies while the proxy is part of a hashable object. Patch by Pablo Galindo. - Fix ltrace functionality when exceptions are raised. Patch by Pablo Galindo - Fix a crash at Python exit when a deallocator function removes the last strong reference to a heap type. Patch by Victor Stinner. - Fix crash when using passing a non-exception to a generator's throw() method. Patch by Noah Oxer - Library - run() now always return a TestResult instance. Previously it returned None if the test class or method was decorated with a skipping decorator. - Fix bugs in cleaning up classes and modules in unittest: - Functions registered with addModuleCleanup() were not called unless the user defines tearDownModule() in their test module. - Functions registered with addClassCleanup() were not called if tearDownClass is set to None. - Buffering in TestResult did not work with functions registered with addClassCleanup() and addModuleCleanup(). - Errors in functions registered with addClassCleanup() and addModuleCleanup() were not handled correctly in buffered and debug modes. - Errors in setUpModule() and functions registered with addModuleCleanup() were reported in wrong order. - And several lesser bugs. - Made email date parsing more robust against malformed input, namely a whitespace-only Date: header. Patch by Wouter Bolsterlee. - Fix a crash in the signal handler of the faulthandler module: no longer modify the reference count of frame objects. Patch by Victor Stinner. - Method stopTestRun() is now always called in pair with method startTestRun() for TestResult objects implicitly created in run(). Previously it was not called for test methods and classes decorated with a skipping decorator. - argparse.BooleanOptionalAction's default value is no longer printed twice when used with argparse.ArgumentDefaultsHelpFormatter. - Upgrade bundled pip to 21.2.3 and setuptools to 57.4.0 - Fix the os.set_inheritable() function on FreeBSD 14 for file descriptor opened with the O_PATH flag: ignore the EBADF error on ioctl(), fallback on the fcntl() implementation. Patch by Victor Stinner. - The @functools.total_ordering() decorator now works with metaclasses. - sqlite3 user-defined functions and aggregators returning strings with embedded NUL characters are no longer truncated. Patch by Erlend E. Aasland. - Always show loop= arg deprecations in asyncio.gather() and asyncio.sleep() - Non-protocol subclasses of typing.Protocol ignore now the __init__ method inherited from protocol base classes. - The tokenize.tokenize() doesn't incorrectly generate a NEWLINE token if the source doesn't end with a new line character but the last line is a comment, as the function is already generating a NL token. Patch by Pablo Galindo - Fix http.client.HTTPSConnection fails to download >2GiB data. - rcompleter does not call getattr() on property objects to avoid the side-effect of evaluating the corresponding method. - weakref.proxy objects referencing non-iterators now raise TypeError rather than dereferencing the null tp_iternext slot and crashing. - The implementation of collections.abc.Set._hash() now matches that of frozenset.__hash__(). - Fixed issue in compileall.compile_file() when sys.stdout is redirected. Patch by Stefan Hölzl. - Give priority to using the current class constructor in inspect.signature(). Patch by Weipeng Hong. - Fix memory leak in _tkinter._flatten() if it is called with a sequence or set, but not list or tuple. - Update shutil.copyfile() to raise FileNotFoundError instead of confusing IsADirectoryError when a path ending with a os.path.sep does not exist; shutil.copy() and shutil.copy2() are also affected. - handle StopIteration subclass raised from @contextlib.contextmanager generator - Make the implementation consistency of indexOf() between C and Python versions. Patch by Dong-hee Na. - Fixes TypedDict to work with typing.get_type_hints() and postponed evaluation of annotations across modules. - Fix bug with pdb's handling of import error due to a package which does not have a __main__ module - Fixed an exception thrown while parsing a malformed multipart email by email.message.EmailMessage. - pathlib.PureWindowsPath.is_reserved() now identifies a greater range of reserved filenames, including those with trailing spaces or colons. - Handle exceptions from parsing the arg of pdb's run/restart command. - The sqlite3 context manager now performs a rollback (thus releasing the database lock) if commit failed. Patch by Luca Citi and Erlend E. Aasland. - Improved string handling for sqlite3 user-defined functions and aggregates: - It is now possible to pass strings with embedded null characters to UDFs - Conversion failures now correctly raise MemoryError - Patch by Erlend E. Aasland. - Handle RecursionError in TracebackException's constructor, so that long exceptions chains are truncated instead of causing traceback formatting to fail. - Fix email.message.EmailMessage.set_content() when called with binary data and 7bit content transfer encoding. - The compresslevel and preset keyword arguments of tarfile.open() are now both documented and tested. - Fixed a Y2k38 bug in the compileall module where it would fail to compile files with a modification time after the year 2038. - Fix test___all__ on platforms lacking a shared memory implementation. - Pass multiprocessing BaseProxy argument manager_owned through AutoProxy. - email.utils.getaddresses() now accepts email.header.Header objects along with string values. Patch by Zackery Spytz. - lib2to3 now recognizes async generators everywhere. - Fix TypeError when required subparsers without dest do not receive arguments. Patch by Anthony Sottile. - Documentation - Removed the othergui.rst file, any references to it, and the list of GUI frameworks in the FAQ. In their place I've added links to the Python Wiki page on GUI frameworks. - Update the definition of __future__ in the glossary by replacing the confusing word 'pseudo-module' with a more accurate description. - Add typical examples to os.path.splitext docs - Clarify that shutil.make_archive() is not thread-safe due to reliance on changing the current working directory. - Update of three expired hyperlinks in Doc/distributing/index.rst: 'Project structure', 'Building and packaging the project', and 'Uploading the project to the Python Packaging Index'. - Updated the docstring and docs of filecmp.cmp() to be more accurate and less confusing especially in respect to shallow arg. - Match the docstring and python implementation of countOf() to the behavior of its c implementation. - List all kwargs for textwrap.wrap(), textwrap.fill(), and textwrap.shorten(). Now, there are nav links to attributes of TextWrap, which makes navigation much easier while minimizing duplication in the documentation. - Clarify that atexit uses equality comparisons internally. - Documentation of csv.Dialect is more descriptive. - Fix documentation for the return type of sysconfig.get_path(). - Add a 'Security Considerations' index which links to standard library modules that have explicitly documented security considerations. - Remove the unqualified claim that tkinter is threadsafe. It has not been true for several years and likely never was. An explanation of what is true may be added later, after more discussion, and possibly after patching _tkinter.c, - Tests - Add calls of gc.collect() in tests to support PyPy. - Made tests relying on the _asyncio C extension module optional to allow running on alternative Python implementations. Patch by Serhiy Storchaka. - Fix auto history tests of test_readline: sometimes, the newline character is not written at the end, so don't expect it in the output. - Add ability to wholesale silence DeprecationWarnings while running the regression test suite. - Notify users running test_decimal regression tests on macOS of potential harmless 'malloc can't allocate region' messages spewed by test_decimal. - Fixed floating point precision issue in turtle tests. - Regression tests, when run with -w, are now re-running only the affected test methods instead of re-running the entire test file. - Add test for nested queues when using multiprocessing shared objects AutoProxy[Queue] inside ListProxy and DictProxy

• Add building with --with-system-libmpdec option (bsc#1189356).

• test_faulthandler is still problematic under qemu linux-user emulation, disable it there
• Reenable profileopt with qemu emulation, test_faulthandler is no longer run during profiling

This update for liblangtag fixes the following issues:

• Fix build of future service packs of SUSE Linux Enterprise 15 (bsc#1197767)

This update for psmisc fixes the following issues:

• Add a fallback if the system call name_to_handle_at() is not supported by the used file system.
• Replace the synchronizing over pipes of the sub process for the stat(2) system call with mutex and conditions from pthreads(7) (bsc#1194172)
• Use statx(2) or SYS_statx system call to replace the stat(2) system call and avoid the sub process (bsc#1194172)

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: libdvdread

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: a52dec

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: hp-drive-guard, upower

This update for kvm_stat fixes the following issues:

• Add an appropriate delay in the unit file to ensure kvm module is properly loaded (bsc#1185945)
• Add a dummy -rebuild package: give OBS/Tumbleweed a hint to tell when this package needs a rebuild (bsc#1178493)

This update for yast2-bootloader fixes the following issue:

• AutoYaST: do not clone device for hibernation and also check during autoinstallation if device for hibernation exists and if not then use proposed one. (bsc#1187690, bsc#1197192)

This update for jetty-artifact-remote-resources, jboss-logging fixes the following issues:

• Do not require mvn(log4j:log4j) for build. (bsc#1197642)
• Do not build against the log4j12 packages.
• Update jboss-logging to 3.4.1

This update for python-uamqp fixes the following issues:

• python-uamqp won't compile on SP4 (bsc#1197848)
• Only build Python3 flavors for distributions 15 and greater

This update for rpmlint fixes the following issues:

• whitelist kcron (bsc#1199006)
• whitelisted power-profiles-daemon (bsc#1198693).

This update for xen fixes the following issues:

• CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that could cause a denial of service in the host (bsc#1197423).
• CVE-2022-26357: Fixed a potential race condition in memory cleanup for hosts using VT-d IOMMU hardware, which could lead to a denial of service in the host (bsc#1197425).
• CVE-2022-26358,CVE-2022-26359,CVE-2022-26360,CVE-2022-26361: Fixed various memory corruption issues for hosts using VT-d or AMD-Vi IOMMU hardware. These could be leveraged by an attacker to cause a denial of service in the host (bsc#1197426).

This update for amazon-ssm-agent fixes the following issues:

• CVE-2022-29527: Fixed unsafe file creation mode of ssm-agent-users sudoer file (bsc#1196556).

This update for ruby2.5 fixes the following issues:

• CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion (bsc#1198441).
• CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods (bsc#1193035).
• CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP (bsc#1188160).
• CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161).
• CVE-2021-31799: Fixed a command injection vulnerability in RDoc (bsc#1190375).

This update for java-11-openjdk fixes the following issues:

• CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198672).
• CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198674).
• CVE-2022-21496: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198673).
• CVE-2022-21443: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198675).
• CVE-2022-21476: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198671).

This update for rubygem-puma fixes the following issues:
rubygem-puma was updated to version 4.3.11:

• CVE-2021-29509: Adjusted an incomplete fix for allows Denial of Service (DoS) (bsc#1188527)
• CVE-2021-41136: Fixed request smuggling if HTTP header value contains the LF character (bsc#1191681)
• CVE-2022-23634: Fixed information leak between requests (bsc#1196222)

This update for libwmf fixes the following issues:
libwmf was updated to 0.2.12:

• upstream changed to fork from Fedora: https://github.com/caolanm/libwmf
• merged all the pending fixes
• merge in fixes for libgd CVE-2019-6978 (bsc#1123522)
• fixed memory allocation failure (CVE-2016-9011)

• Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

This update for lksctp-tools fixes the following issues:
Update to version 1.0.17 (bsc#1197590)

• sctp_test: fix hostname resolution
• man: remove sysctl listing from sctp.7
• Fix recieved->received typos
• Fix usage help for sctp_test
• test_1_to_1_accept_close: also expect EACCES when accept on an established socket
• lksctp-tools: make bind_test can do while disable IPV6
• libsctp: add pkg-config support

This update for sanlock fixes the following issues:

• Add libuuid as a build requirement to fix build issues on future SUSE Linux Enterprise Service Packs (bsc#1197853)

This feature update for python-contextvars, python-immutables fixes the following issues:

python-immutables:

• Provide python-immutables version 0.11 in SUSE Linux Enterprise 15 (jsc#SLE-24404)

• Provide python-contextvars version 2.4 in SUSE Linux Enterprise 15 (jsc#SLE-24404)

This update for NetworkManager fixes the following issues:

• Backport upstream fixes to implement RFC 8106. (bsc#1195173)
• ndisc: don't artificially extend the lifetime of DNSSL/RDNSS options. (bsc#1195222)

This update for apache2-mod_auth_mellon fixes the following issues:

• CVE-2021-3639: Fixed open Redirect vulnerability in logout URLs (bsc#1188926)

This update for pgadmin4 fixes the following issues:

• CVE-2022-0959: Fixed an unrestricted file upload (bsc#1197143).

This update for sblim-sfcb fixes the following issues:

• Add config option to optionally disable TLSv1.2 (bsc#1190107)
• Enable TLS v1.3 by removing explicit curve selection. This should not be required for OpenSSL 1.1.0+ (bsc#1190107)

This update for dracut fixes the following issues:

• fix(dracut-install): copy files preserving ownership attributes (bsc#1197967)
• fix(dracut-systemd): do not require vconsole-setup.service (bsc#1195508)
• fix(dracut-functions.sh): ip route parsing (bsc#1195011)

This update for tar fixes the following issues:

• CVE-2021-20193: Fixed a memory leak in read_header() in list.c (bsc#1181131).
• CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c (bsc#1130496).
• CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c (bsc#1120610).

• Update to GNU tar 1.34: * Fix extraction over pipe * Fix memory leak in read_header (CVE-2021-20193) (bsc#1181131) * Fix extraction when . and .. are unreadable * Gracefully handle duplicate symlinks when extracting * Re-initialize supplementary groups when switching to user privileges

• Update to GNU tar 1.33: * POSIX extended format headers do not include PID by default * --delay-directory-restore works for archives with reversed member ordering * Fix extraction of a symbolic link hardlinked to another symbolic link * Wildcards in exclude-vcs-ignore mode don't match slash * Fix the --no-overwrite-dir option * Fix handling of chained renames in incremental backups * Link counting works for file names supplied with -T * Accept only position-sensitive (file-selection) options in file list files

• prepare usrmerge (bsc#1029961)

• Update to GNU 1.32 * Fix the use of --checkpoint without explicit --checkpoint-action * Fix extraction with the -U option * Fix iconv usage on BSD-based systems * Fix possible NULL dereference (savannah bug #55369) [bsc#1130496] [CVE-2019-9923] * Improve the testsuite

• Update to GNU 1.31 * Fix heap-buffer-overrun with --one-top-level, bug introduced with the addition of that option in 1.28 * Support for zstd compression * New option '--zstd' instructs tar to use zstd as compression program. When listing, extractng and comparing, zstd compressed archives are recognized automatically. When '-a' option is in effect, zstd compression is selected if the destination archive name ends in '.zst' or '.tzst'. * The -K option interacts properly with member names given in the command line. Names of members to extract can be specified along with the '-K NAME' option. In this case, tar will extract NAME and those of named members that appear in the archive after it, which is consistent with the semantics of the option. Previous versions of tar extracted NAME, those of named members that appeared before it, and everything after it. * Fix CVE-2018-20482 - When creating archives with the --sparse option, previous versions of tar would loop endlessly if a sparse file had been truncated while being archived.

This update for libvirt fixes the following issues:

• CVE-2022-0897: Fixed a crash in nwfilter when counting number of network filters (bsc#1197636).

• qemu: Improve save operation by increasing pipe size c61d1e9b-virfile-set-pipe-size.patch, 47d6d185-virfile-fix-indent.patch, cd7acb33-virfile-report-error.patch bsc#1196625
• qemu: Directly query KVM for TSC scaling support 5df2c492-use-kvm-for-tsc-scaling.patch bsc#1193364

This update for go1.18 fixes the following issues:

• Remove remaining use of gold linker when bootstrapping with gccgo.

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: gom

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: gtkmm2, atkmm1_6, pangomm1_4, cairomm1_0

This update for amavisd-new fixes the following issues:

• Removed deprecated option 'syslog' used in amavis.service (bsc#1185145)

This update for xkeyboard-config fixes the following issues:

• Add French standardized AZERTY layout (AFNOR: NF Z71-300) (bsc#1188867)

This update for perf fixes the following issues:

• Support for PowerPC exposing Performance Monitor Counter SPRs as part of extended regs (bsc#1198077)

This update for ovmf fixes the following issues:

• Set TPM2_ENABLE and TPM2_CONFIG_ENABLE because it's needed by ARM (bsc#1197458)

This update for python-kiwi fixes the following issue:

• Fix booting GRUB submenu entries with hybrid images (linux/linuxefi) Variables assigned with 'set' are not visible in submenus. Export $linux and $initrd, so that they also work in submenu entries. (bsc#1192523)

This update for giflib fixes the following issues:

• CVE-2019-15133: Fixed a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero (bsc#1146299).
• CVE-2018-11490: Fixed a heap-based buffer overflow in DGifDecompressLine function in dgif_lib.c (bsc#1094832).
• CVE-2016-3977: Fixed a heap buffer overflow in gif2rgb (bsc#974847).

• build path independent objects and inherit CFLAGS from the build system (bsc#1184123)

This update for go1.17 fixes the following issues:

• Remove remaining use of gold linker when bootstrapping with gccgo.

This update for ldb fixes the following issues:

• Update to version 2.4.2 - CVE-2021-3670: Fixed an issue where the LDAP server MaxQueryDuration value would not be honoured (bsc#1198397).

This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.9.0 ESR
MFSA 2022-17 (bsc#1198970)

• CVE-2022-29914: Fullscreen notification bypass using popups
• CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
• CVE-2022-29916: Leaking browser history with CSS variables
• CVE-2022-29911: iframe Sandbox bypass
• CVE-2022-29912: Reader mode bypassed SameSite cookies
• CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9

This update for rsyslog fixes the following issues:

• CVE-2022-24903: Fixed potential heap buffer overflow in modules for TCP syslog reception (bsc#1199061).

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: stoken

This update for libnss_nis fixes the following issues:

• Fix build issues occurring on SUSE Linux Enterprise 15 Service Pack 4 (bsc#1197768)

This update for gzip fixes the following issues:

• CVE-2022-1271: Fix escaping of malicious filenames. (bsc#1198062)

This update for python-python3-saml fixes the following issues:

• Update expiry dates for responses. (bsc#1197846)

This update for systemd fixes the following issues:

• tmpfiles.d: only 'w+' can have multiple lines for the same path (bsc#1198090)
• journald: make sure journal_file_open() doesn't leave a corrupted file around after failing (bsc#1198114)
• tmpfiles: constify item_compatible() parameters
• test tmpfiles: add a test for 'w+'
• test: add test checking tmpfiles conf file precedence
• journald: make use of CLAMP() in cache_space_refresh()
• journal-file: port journal_file_open() to openat_report_new()
• fs-util: make sure openat_report_new() initializes return param also on shortcut
• fs-util: fix typos in comments
• fs-util: add openat_report_new() wrapper around openat()

This update for cluster-glue fixes the following issues:

• Fix for comment in external ec2 (bsc#1197681)
• Support IMDSv2 in EC2 stonith agent. (jsc#SLE-23490, jsc#SLE-23491, jsc#SLE-23492, jsc#SLE-23494)

This update for u-boot fixes the following issue:

• Fix USB stall that causes reboot with some devices on RPi (bsc#1197627)

This update for linuxrc fixes the following issues:

• Do not leave repository mounted when starting yast (bsc#1196061)
• Improve url logging function
• Handle umount errors better
• Check RAID devices for install repository (bsc#1196061)

This update for clamav fixes the following issues:

• CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser (bsc#1199242).
• CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check (bsc#1199246).
• CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser (bsc#1199244).
• CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer (bsc#1199245).
• CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module (bsc#1199274).

This update for pam fixes the following issue:

• Do not include obsolete header files (bsc#1197794)

This update for llvm7 fixes the following issues:

• Backport fixes and changes from Factory. (bsc#1197775)
• Drop RUNPATH from packaged binaries, instead set LD_LIBRARY_PATH for building and testing to simulate behavior of actual package.
• Fix build with linux-glibc-devel 5.13.

This update for curl fixes the following issues:

• CVE-2022-27776: Fixed auth/cookie leak on redirect (bsc#1198766)
• CVE-2022-27775: Fixed bad local IPv6 connection reuse (bsc#1198723)
• CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use (bsc#1198614)

This update for libpsl fixes the following issues:

• Fix libpsl compilation issues (bsc#1197771)

This update for cups fixes the following issues:

• CUPS printservice takes much longer than before with a big number of printers (bsc#1189517)
• CUPS PreserveJobHistory doesn't work with seconds (bsc#1195115)

This update for publicsuffix fixes the following issue:

• Update to version 20220405 (bsc#1198068)

This update for rust, rust1.60 fixes the following issues:
rust1.60 is shipped with this update.
Version 1.60.0 (2022-04-07) ========================== Language --------

• Stabilize cfg(panic = '...') for either 'unwind' or 'abort'.
• Stabilize cfg(target_has_atomic = '...') for each integer size and 'ptr'.

• Enable combining +crt-static and relocation-model=pic on x86_64-unknown-linux-gnu
• Fixes wrong unreachable_pub lints on nested and glob public reexport
• Stabilize -Z instrument-coverage as -C instrument-coverage
• Stabilize -Z print-link-args as --print link-args
• Add new Tier 3 target mips64-openwrt-linux-musl\*
• Add new Tier 3 target armv7-unknown-linux-uclibceabi (softfloat)\*
• Fix invalid removal of newlines from doc comments
• Add kernel target for RustyHermit
• Deny mixing bin crate type with lib crate types
• Make rustc use RUST_BACKTRACE=full by default
• Refer to Rust's platform support page for more information on Rust's tiered platform support.

• Guarantee call order for sort_by_cached_key
• Improve Duration::try_from_secs_f32/f64 accuracy by directly processing exponent and mantissa
• Make Instant::{duration_since, elapsed, sub} saturating
• Remove non-monotonic clocks workarounds in Instant::now
• Make BuildHasherDefault, iter::Empty and future::Pending covariant

• Arc::new_cyclic
• Rc::new_cyclic
• slice::EscapeAscii
• <[u8]>::escape_ascii
• u8::escape_ascii
• Vec::spare_capacity_mut
• MaybeUninit::assume_init_drop
• MaybeUninit::assume_init_read
• i8::abs_diff
• i16::abs_diff
• i32::abs_diff
• i64::abs_diff
• i128::abs_diff
• isize::abs_diff
• u8::abs_diff
• u16::abs_diff
• u32::abs_diff
• u64::abs_diff
• u128::abs_diff
• usize::abs_diff
• Display for io::ErrorKind
• From for ExitCode]
• Not for ! (the 'never' type)
• _Op_Assign<$t> for Wrapping<$t>
• arch::is_aarch64_feature_detected!

• Port cargo from toml-rs to toml_edit
• Stabilize -Ztimings as --timings
• Stabilize namespaced and weak dependency features.
• Accept more cargo:rustc-link-arg-* types from build script output.
• cargo-new should not add ignore rule on Cargo.lock inside subdirs

• Ship docs on Tier 2 platforms by reusing the closest Tier 1 platform docs
• Drop rustc-docs from complete profile
• bootstrap: tidy up flag handling for llvm build

• Mitigations for platforms with non-monotonic clocks have been removed from Instant::now. On platforms that don't provide monotonic clocks, an instant is not guaranteed to be greater than an earlier instant anymore.
• Instant::{duration_since, elapsed, sub} do not panic anymore on underflow, saturating to 0 instead. In the real world the panic happened mostly on platforms with buggy monotonic clock implementations rather than catching programming errors like reversing the start and end times. Such programming errors will now results in 0 rather than a panic.

This optional update provides the following changes:

• Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
• There are no visible changes for the final user.
• Affected source packages: meanwhile

This update for pidgin fixes the following issues:

• CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used (bsc#1199025).

This update for slurm fixes the following issues:

• CVE-2022-29500: Fixed architectural flaw that could have been exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278).
• CVE-2022-29501: Fixed a problem that an unprivileged user could have sent data to arbitrary unix socket as root (bsc#1199279).

This update for openldap2 fixes the following issues:

• CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2020-27835: Fixed a use after free vulnerability in infiniband hfi1 driver in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system (bnc#1179878).
• CVE-2021-0707: Fixed a use after free vulnerability in dma_buf_release of dma-buf.c, which may lead to local escalation of privilege with no additional execution privileges needed (bnc#1198437).
• CVE-2021-20292: Fixed object validation prior to performing operations on the object in nouveau_sgdma_create_ttm in Nouveau DRM subsystem (bnc#1183723).
• CVE-2021-20321: Fixed a race condition accessing file object in the OverlayFS subsystem in the way users do rename in specific way with OverlayFS. A local user could have used this flaw to crash the system (bnc#1191647).
• CVE-2021-38208: Fixed a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call (bnc#1187055).
• CVE-2021-4154: Fixed a use-after-free vulnerability in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c, allowing a local privilege escalation by an attacker with user privileges by exploiting the fsconfig syscall parameter, leading to a container breakout and a denial of service on the system (bnc#1193842).
• CVE-2022-0812: Fixed information leak when a file is read from RDMA (bsc#1196639)
• CVE-2022-1158: Fixed a vulnerability in the kvm module that may lead to a use-after-free write or denial of service (bsc#1197660).
• CVE-2022-1280: Fixed a use-after-free vulnerability in drm_lease_held in drivers/gpu/drm/drm_lease.c (bnc#1197914).
• CVE-2022-1353: Fixed access controll to kernel memory in the pfkey_register function in net/key/af_key.c (bnc#1198516).
• CVE-2022-1419: Fixed a concurrency use-after-free in vgem_gem_dumb_create (bsc#1198742).
• CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect (bsc#1199012).
• CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c (bnc#1197391).
• CVE-2022-28748: Fixed memory lead over the network by ax88179_178a devices (bsc#1196018).
• CVE-2022-28893: Fixed a use after free vulnerability in inet_put_port where some sockets are not closed before xs_xprt_free() (bsc#1198330).
• CVE-2022-29156: Fixed a double free vulnerability related to rtrs_clt_dev_release.ate (jsc#SLE-15176 bsc#1198515).

• ACPI/APEI: Limit printable size of BERT table data (git-fixes).
• ACPI: processor idle: Check for architectural support for LPI (git-fixes).
• ACPICA: Avoid walking the ACPI Namespace if it is not there (git-fixes).
• ALSA: cs4236: fix an incorrect NULL check on list iterator (git-fixes).
• ALSA: hda/hdmi: fix warning about PCM count when used with SOF (git-fixes).
• ALSA: hda/realtek: Add alc256-samsung-headphone fixup (git-fixes).
• ALSA: hda/realtek: Add quirk for Clevo PD50PNT (git-fixes).
• ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 (git-fixes).
• ALSA: pcm: Test for 'silence' field in struct 'pcm_format_data' (git-fixes).
• ALSA: usb-audio: Cap upper limits of buffer/period bytes for implicit fb (git-fixes).
• ALSA: usb-audio: Increase max buffer size (git-fixes).
• ALSA: usb-audio: Limit max buffer and period sizes per time (git-fixes).
• ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek (git-fixes).
• ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use (git-fixes).
• ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (git-fixes).
• ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component (git-fixes).
• ASoC: soc-compress: Change the check for codec_dai (git-fixes).
• ASoC: soc-compress: prevent the potentially use of null pointer (git-fixes).
• ASoC: soc-core: skip zero num_dai component in searching dai name (git-fixes).
• ASoC: soc-dapm: fix two incorrect uses of list iterator (git-fixes).
• Bluetooth: Fix use after free in hci_send_acl (git-fixes).
• Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (git-fixes).
• Bluetooth: hci_serdev: call init_rwsem() before p->open() (git-fixes).
• Documentation: add link to stable release candidate tree (git-fixes).
• HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (git-fixes).
• IB/hfi1: Allow larger MTU without AIP (jsc#SLE-13208).
• Input: omap4-keypad - fix pm_runtime_get_sync() error checking (git-fixes).
• KEYS: fix length validation in keyctl_pkey_params_get_2() (git-fixes).
• NFSv4: fix open failure with O_ACCMODE flag (git-fixes).
• PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge (git-fixes).
• PCI: aardvark: Fix support for MSI interrupts (git-fixes).
• PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (git-fixes).
• PCI: pciehp: Add Qualcomm quirk for Command Completed erratum (git-fixes).
• PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).
• PM: core: keep irq flags in device_pm_check_callbacks() (git-fixes).
• RDMA/core: Set MR type in ib_reg_user_mr (jsc#SLE-8449).
• RDMA/mlx5: Add a missing update of cache->last_add (jsc#SLE-15175).
• RDMA/mlx5: Do not remove cache MRs when a delay is needed (jsc#SLE-15175).
• RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR (jsc#SLE-15175).
• SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() (git-fixes).
• SUNRPC: Fix the svc_deferred_event trace class (git-fixes).
• SUNRPC: Handle ENOMEM in call_transmit_status() (git-fixes).
• SUNRPC: Handle low memory situations in call_status() (git-fixes).
• SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
• USB: serial: pl2303: add IBM device IDs (git-fixes).
• USB: serial: simple: add Nokia phone driver (git-fixes).
• USB: storage: ums-realtek: fix error code in rts51x_read_mem() (git-fixes).
• USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c (git-fixes).
• USB: dwc3: omap: fix 'unbalanced disables for smps10_out1' on omap5evm (git-fixes).
• USB: gadget: uvc: Fix crash when encoding data for usb request (git-fixes).
• adm8211: fix error return code in adm8211_probe() (git-fixes).
• arm64/sve: Use correct size when reinitialising SVE state (git-fixes)
• arm64: clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1 (git-fixes)
• arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node (git-fixes)
• arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode (git-fixes)
• arm64: dts: exynos: correct GIC CPU interfaces address range on (git-fixes)
• arm64: dts: ls1028a: fix memory node (git-fixes)
• arm64: dts: ls1028a: fix node name for the sysclk (git-fixes)
• arm64: dts: lx2160a: fix scl-gpios property name (git-fixes)
• arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (git-fixes)
• arm64: dts: marvell: armada-37xx: Fix reg for standard variant of (git-fixes)
• arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 (git-fixes)
• arm64: dts: rockchip: Fix GPU register width for RK3328 (git-fixes)
• arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from (git-fixes)
• arm64: dts: zii-ultra: fix 12V_MAIN voltage (git-fixes)
• arm64: head: avoid over-mapping in map_memory (git-fixes)
• ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs (git-fixes).
• ata: sata_dwc_460ex: Fix crash due to OOB write (git-fixes).
• ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
• ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).
• ath5k: fix building with LEDS=m (git-fixes).
• ath9k: Fix usage of driver-private space in tx_info (git-fixes).
• ath9k: Properly clear TX status area before reporting to mac80211 (git-fixes).
• ath9k_htc: fix uninit value bugs (git-fixes).
• bareudp: use ipv6_mod_enabled to check if IPv6 enabled (jsc#SLE-15172).
• bfq: Avoid merging queues with different parents (bsc#1197926).
• bfq: Drop pointless unlock-lock pair (bsc#1197926).
• bfq: Get rid of __bio_blkcg() usage (bsc#1197926).
• bfq: Make sure bfqg for which we are queueing requests is online (bsc#1197926).
• bfq: Remove pointless bfq_init_rq() calls (bsc#1197926).
• bfq: Split shared queues on move between cgroups (bsc#1197926).
• bfq: Track whether bfq_group is still online (bsc#1197926).
• bfq: Update cgroup information before merging bio (bsc#1197926).
• block: Drop leftover references to RQF_SORTED (bsc#1182073).
• bnx2x: fix napi API usage sequence (bsc#1198217).
• bpf: Resolve to prog->aux->dst_prog->type only for BPF_PROG_TYPE_EXT (git-fixes bsc#1177028).
• brcmfmac: firmware: Allocate space for default boardrev in nvram (git-fixes).
• brcmfmac: pcie: Fix crashes due to early IRQs (git-fixes).
• brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path (git-fixes).
• brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio (git-fixes).
• carl9170: fix missing bit-wise or operator for tx_params (git-fixes).
• cfg80211: hold bss_lock while updating nontrans_list (git-fixes).
• cifs: fix bad fids sent over wire (bsc#1197157).
• clk: Enforce that disjoints limits are invalid (git-fixes).
• clk: si5341: fix reported clk_rate when output divider is 2 (git-fixes).
• direct-io: clean up error paths of do_blockdev_direct_IO (bsc#1197656).
• direct-io: defer alignment check until after the EOF check (bsc#1197656).
• direct-io: do not force writeback for reads beyond EOF (bsc#1197656).
• dma-debug: fix return value of __setup handlers (git-fixes).
• dma: at_xdmac: fix a missing check on list iterator (git-fixes).
• dmaengine: Revert 'dmaengine: shdma: Fix runtime PM imbalance on error' (git-fixes).
• dmaengine: idxd: add RO check for wq max_batch_size write (git-fixes).
• dmaengine: idxd: add RO check for wq max_transfer_size write (git-fixes).
• dmaengine: imx-sdma: Fix error checking in sdma_event_remap (git-fixes).
• dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources (git-fixes).
• drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (git-fixes).
• drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (git-fixes).
• drm/amd/display: Fix allocate_mst_payload assert on resume (git-fixes).
• drm/amd/display: do not ignore alpha property on pre-multiplied mode (git-fixes).
• drm/amd: Add USBC connector ID (git-fixes).
• drm/amdgpu: Fix recursive locking warning (git-fixes).
• drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() (git-fixes).
• drm/amdkfd: Check for potential null return of kmalloc_array() (git-fixes).
• drm/amdkfd: Fix Incorrect VMIDs passed to HWS (git-fixes).
• drm/amdkfd: make CRAT table missing message informational only (git-fixes).
• drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe (git-fixes).
• drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev (git-fixes).
• drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt (git-fixes).
• drm/edid: Do not clear formats if using deep color (git-fixes).
• drm/edid: check basic audio support on CEA extension block (git-fixes).
• drm/i915/gem: Flush coherency domains on first set-domain-ioctl (git-fixes).
• drm/i915: Call i915_globals_exit() if pci_register_device() fails (git-fixes).
• drm/imx: Fix memory leak in imx_pd_connector_get_modes (git-fixes).
• drm/mediatek: Add AAL output size configuration (git-fixes).
• drm/mediatek: Fix aal size config (git-fixes).
• drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init() (git-fixes).
• drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised (git-fixes).
• drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare (git-fixes).
• drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (git-fixes).
• drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage (git-fixes).
• drm: Add orientation quirk for GPD Win Max (git-fixes).
• drm: add a locked version of drm_is_current_master (bsc#1197914).
• drm: add a locked version of drm_is_current_master (bsc#1197914).
• drm: drm_file struct kABI compatibility workaround (bsc#1197914).
• drm: drm_file struct kABI compatibility workaround (bsc#1197914).
• drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
• drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
• drm: serialize drm_file.master with a new spinlock (bsc#1197914).
• drm: serialize drm_file.master with a new spinlock (bsc#1197914).
• drm: use the lookup lock in drm_is_current_master (bsc#1197914).
• drm: use the lookup lock in drm_is_current_master (bsc#1197914).
• e1000e: Fix possible overflow in LTR decoding (git-fixes).
• fibmap: Reject negative block numbers (bsc#1198448).
• fibmap: Use bmap instead of ->bmap method in ioctl_fibmap (bsc#1198448).
• firmware: arm_scmi: Fix sorting of retrieved clock rates (git-fixes).
• gpiolib: acpi: use correct format characters (git-fixes).
• gpu: ipu-v3: Fix dev_dbg frequency output (git-fixes).
• hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER (git-fixes).
• i2c: dev: Force case user pointers in compat_i2cdev_ioctl() (git-fixes).
• ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).
• ipmi: Move remove_work to dedicated workqueue (git-fixes).
• ipmi: bail out if init_srcu_struct fails (git-fixes).
• iwlwifi: Fix -EIO error code that is never returned (git-fixes).
• iwlwifi: mvm: Fix an error code in iwl_mvm_up() (git-fixes).
• livepatch: Do not block removal of patches that are safe to unload (bsc#1071995).
• lz4: fix LZ4_decompress_safe_partial read out of bound (git-fixes).
• media: cx88-mpeg: clear interrupt status register before streaming video (git-fixes).
• media: hdpvr: initialize dev->worker at hdpvr_register_videodev (git-fixes).
• memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe (git-fixes).
• mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (git-fixes).
• mfd: mc13xxx: Add check for mc13xxx_irq_request (git-fixes).
• mmc: host: Return an error when ->enable_sdio_irq() ops is missing (git-fixes).
• mmc: mmci: stm32: correctly check all elements of sg list (git-fixes).
• mmc: mmci_sdmmc: Replace sg_dma_xxx macros (git-fixes).
• mmc: renesas_sdhi: do not overwrite TAP settings when HS400 tuning is complete (git-fixes).
• mtd: onenand: Check for error irq (git-fixes).
• mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (git-fixes).
• mtd: rawnand: gpmi: fix controller timings setting (git-fixes).
• mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).
• net: asix: add proper error handling of usb read errors (git-fixes).
• net: mcs7830: handle usb read errors properly (git-fixes).
• net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (git-fixes).
• nfc: nci: add flush_workqueue to prevent uaf (git-fixes).
• power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe (git-fixes).
• power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init (git-fixes).
• power: supply: axp20x_battery: properly report current when discharging (git-fixes).
• power: supply: axp288-charger: Set Vhold to 4.4V (git-fixes).
• power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return (git-fixes).
• power: supply: wm8350-power: Add missing free in free_charger_irq (git-fixes).
• power: supply: wm8350-power: Handle error for wm8350_register_irq (git-fixes).
• powerpc/perf: Fix power10 event alternatives (jsc#SLE-13513 git-fixes).
• powerpc/perf: Fix power9 event alternatives (bsc#1137728, LTC#178106, git-fixes).
• ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE (bsc#1198413).
• random: check for signal_pending() outside of need_resched() check (git-fixes).
• ray_cs: Check ioremap return value (git-fixes).
• regulator: wm8994: Add an off-on delay for WM8994 variant (git-fixes).
• rtc: check if __rtc_read_time was successful (git-fixes).
• rtc: wm8350: Handle error for wm8350_register_irq (git-fixes).
• scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands (git-fixes).
• scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() (git-fixes).
• scsi: mpt3sas: Page fault in reply q processing (git-fixes).
• scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1028340 bsc#1198825).
• spi: Fix erroneous sgs value with min_t() (git-fixes).
• spi: Fix invalid sgs value (git-fixes).
• spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller (git-fixes).
• spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op() (git-fixes).
• spi: mxic: Fix the transmit path (git-fixes).
• spi: tegra20: Use of_device_get_match_data() (git-fixes).
• staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree (git-fixes).
• vgacon: Propagate console boot parameters before calling `vc_resize' (bsc#1152489)
• video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (git-fixes).
• video: fbdev: cirrusfb: check pixclock to avoid divide by zero (git-fixes).
• video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow (git-fixes).
• video: fbdev: sm712fb: Fix crash in smtcfb_read() (git-fixes).
• video: fbdev: sm712fb: Fix crash in smtcfb_write() (git-fixes).
• video: fbdev: udlfb: properly check endpoint type (bsc#1152489)
• video: fbdev: w100fb: Reset global state (git-fixes).
• virtio_console: break out of buf poll on remove (git-fixes).
• virtio_console: eliminate anonymous module_init & module_exit (git-fixes).
• w1: w1_therm: fixes w1_seq for ds28ea00 sensors (git-fixes).
• x86/pm: Save the MSR validity status at context setup (bsc#1198400).
• x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO (git-fixes).
• x86/speculation: Restore speculation related MSRs during S3 resume (bsc#1198400).
• xen/blkfront: fix comment for need_copy (git-fixes).
• xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1193556).
• xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1193556).
• xen: fix is_xen_pmu() (git-fixes).
• xhci: fix runtime PM imbalance in USB2 resume (git-fixes).
• xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx() (git-fixes).

This update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core fixes the following issues:
Security issues fixed:

• CVE-2020-36518: Fixed a Java stack overflow exception and denial of service via a large depth of nested objects in jackson-databind. (bsc#1197132)
• CVE-2020-25649: Fixed an insecure entity expansion in jackson-databind which was vulnerable to XML external entity (XXE). (bsc#1177616)
• CVE-2020-28491: Fixed a bug which could cause `java.lang.OutOfMemoryError` exception in jackson-dataformats-binary. (bsc#1182481)