Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

openSUSE: golang-github-prometheus-alertmanager CVE-2025-47908 Advisory

opensuse
Calendar Grey December 18, 2025
Dist Opensuse Esm H88
This update addresses CVE-2025-47908 in openSUSE alertmanager, rated moderate severity, along with new features.
An update that solves one vulnerability and contains two features can now be installed.

Description

This update for golang-github-prometheus-alertmanager fixes the following

issues:

* Update to version 0.28.1 (jsc#PED-13285):

* Improved performance of inhibition rules when using Equal labels.

* Improve the documentation on escaping in UTF-8 matchers.

* Update alertmanager_config_hash metric help to document the hash is not

cryptographically strong.

* Fix panic in amtool when using --verbose.

* Fix templating of channel field for Rocket.Chat.

* Fix rocketchat_configs written as rocket_configs in docs.

* Fix usage for --enable-feature flag.

* Trim whitespace from OpsGenie API Key.

* Fix Jira project template not rendered when searching for existing issues.

* Fix subtle bug in JSON/YAML encoding of inhibition rules that would cause

Equal labels to be omitted.

* Fix header for slack_configs in docs.

* Fix weight and wrap of Microsoft Teams notifications.

* Upgrade to version 0.28.0:

* CVE-2025-47908: Bump github.com/rs/cors (bsc#1247748).

*...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate denial of service OpenSUSE alertmanager cve-2025-47908

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP7

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4481=1

* SUSE Manager Proxy 4.3 LTS

zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4481=1

* openSUSE Leap 15.6

zypper in -t patch openSUSE-SLE-15.6-2025-4481=1

* SUSE Manager Client Tools for SLE 15

zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-4481=1

* SUSE Package Hub 15 15-SP6

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4481=1

Package List

* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)

* golang-github-prometheus-alertmanager-0.28.1-150100.4.28.2

* golang-github-prometheus-alertmanager-debuginfo-0.28.1-150100.4.28.2

* SUSE Manager Proxy 4.3 LTS (x86_64)

* golang-github-prometheus-alertmanager-0.28.1-150100.4.28.2

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)

* golang-github-prometheus-alertmanager-0.28.1-150100.4.28.2

* golang-github-prometheus-alertmanager-debuginfo-0.28.1-150100.4.28.2

* SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)

* golang-github-prometheus-alertmanager-0.28.1-150100.4.28.2

* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)

* golang-github-prometheus-alertmanager-0.28.1-150100.4.28.2

* golang-github-prometheus-alertmanager-debuginfo-0.28.1-150100.4.28.2

References

* bsc#1247748

* jsc#MSQA-1034

* jsc#PED-13285

## References:

* https://www.suse.com/security/cve/CVE-2025-47908.html

* https://bugzilla.suse.com/show_bug.cgi?id=1247748

* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=https%3A%2F%2Fjira.suse.com%2Fbrowse%2FMSQA-1034

* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=https%3A%2F%2Fjira.suse.com%2Fbrowse%2FPED-13285

Announcement ID: SUSE-SU-2025:4481-1
Release Date: 2025-12-18T12:19:03Z
Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7

Topics%20covered

Topics Covered

security advisory moderate denial of service OpenSUSE alertmanager cve-2025-47908

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here