SUSE Container Update Advisory: trento/trento-runner ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:238-1 Container Tags : trento/trento-runner:0.9.0 , trento/trento-runner:0.9.0-rev1.1.0 , trento/trento-runner:0.9.0-rev1.1.0-build3.2.14 , trento/trento-runner:latest Container Release : 3.2.14 Severity : important Type : security References : 1194968 1195054 1195217 CVE-2022-23852 CVE-2022-23990 ----------------------------------------------------------------- The container trento/trento-runner was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:471-1 Released: Thu Feb 17 09:58:37 2022 Summary: Recommended update for trento-premium Type: recommended Severity: important References: This update for trento-premium fixes the following issues: - Releasing new sub-package 'trento-premium-installer'. (jsc#MSC-302) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:498-1 Released: Fri Feb 18 10:46:56 2022 Summary: Security update for expat Type: security Severity: important References: 1195054,1195217,CVE-2022-23852,CVE-2022-23990 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054). - CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:520-1 Released: Fri Feb 18 12:45:19 2022 Summary: Recommended update for rpm Type: recommended Severity: moderate References: 1194968 This update for rpm fixes the following issues: - Revert unwanted /usr/bin/python to /usr/bin/python2 change we got with the update to 4.14.3 (bsc#1194968) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:579-1 Released: Mon Feb 28 11:12:24 2022 Summary: Recommended update for trento-premium Type: recommended Severity: moderate References: This update for trento-premium fixes the following issues: Release 0.9.0 ### Added - Pin specific container image versions in the helm chart values - review values for SUSE infrastructure - Add health summary api endpoint - Homepage UI component - Embed cpu and memory usage dashboards in host detail - Sap system health computation - Attach system replication status badge on secondary node - Add remediation command to the corosync token timeouts checks - Add node exporter state in the frontend - Add prometheus grafana to helm chart - Prometheus HTTP service discovery API - Adds feedback collector - Add connection retry when starting Web and Runner ### Fixed - Web serve command not stopped correctly during database initializaion tries - Links in compressed sidebar don't work - CD process doesn't clean up old node module tgz files - Aligns Overview - Use context correctly during db initialization - Compute attached database health - Fix dump scenario script clean-up command - Push catalog info after the checks - Show all sbd devices - Do not make assumptions about the shape of the payload of checks catalog - Remove mention of Blue Horizon from landing page - Links in compressed sidebar are working again ### Closed Issues - Checks catalog empty - Settings button missing in Pacemaker Clusters details view ### Other Changes - Enable Grafana persistence - Fix health summary api - Fix grafana secret - Fix grafana embedding - Implement cluster heatlh computation projection - refresh zypper repo before installing node exporter - Add Grafana initialization - Run prometheus installation as root - Do not add bitnami charts repo from the installer if it's not needed - Fix dependabot auto-merge workflow - Change trento path in the Dockerfile - Allows Grafana dashboards to be embedded - Add hana cluster details e2e test - E2e test cluster overview - Switch to the SLE BCI images The following package changes have been done: - libexpat1-2.2.5-3.12.1 updated - trento-premium-0.9.0+git.dev74.1645798943.a1180f8-150300.3.10.1 updated - python3-rpm-4.14.3-150300.46.1 updated