Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE: Prometheus Moderate Security Update 2025-4481-1 CVE-2025-47908

suse
Calendar Grey December 18, 2025
Dist Suse Esm H88
Install this moderate SUSE security update for prometheus-alertmanager addressing CVE-2025-47908. Essential fixes are included.
An update that solves one vulnerability and contains two features can now be installed.

Summary

## This update for golang-github-prometheus-alertmanager fixes the following issues: * Update to version 0.28.1 (jsc#PED-13285): * Improved performance of inhibition rules when using Equal labels. * Improve the documentation on escaping in UTF-8 matchers. * Update alertmanager_config_hash metric help to document the hash is not cryptographically strong. * Fix panic in amtool when using --verbose. * Fix templating of channel field for Rocket.Chat. * Fix rocketchat_configs written as rocket_configs in docs. * Fix usage for --enable-feature flag. * Trim whitespace from OpsGenie API Key. * Fix Jira project template not rendered when searching for existing issues. * Fix subtle bug in JSON/YAML encoding of inhibition rules that would cause Equal labels to be omitted. * Fix header for slack_configs in docs.

Topics%20covered

Topics Covered

security advisory moderate update DoS OpenSUSE prometheus alertmanager

References

* bsc#1247748

* jsc#MSQA-1034

* jsc#PED-13285

Cross-

* CVE-2025-47908

CVSS scores:

* CVE-2025-47908 ( SUSE ): 6.9

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-47908 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-47908 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3

* openSUSE Leap 15.4

* openSUSE Leap 15.5

* openSUSE Leap 15.6

* SUSE Linux Enterprise Desktop 15

* SUSE Linux Enterprise Desktop 15 SP1

* SUSE Linux Enterprise Desktop 15 SP2

* SUSE Linux Enterprise Desktop 15 SP3

* SUSE Linux Enterprise Desktop 15 SP4

* SUSE Linux Enterprise Desktop 15 SP5

* SUSE Linux Enterprise Desktop 15 SP6

* SUSE Linux Enterprise Desktop 15 SP7

* SUSE Linux Enterprise High Performance Computing 15

Announcement ID: SUSE-SU-2025:4481-1
Release Date: 2025-12-18T12:19:03Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update DoS OpenSUSE prometheus alertmanager

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here