Explore top 10 tips to secure your open-source projects now. Read More
×
This update fixes the following issues: golang-github-prometheus-prometheus: - Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE SUSE Linux Enterprise 15, SP1, SP2 - Upgrade to upstream version 2.27.1 (jsc#SLE-18254) - SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) + Features: * Promtool: Retroactive rule evaluation functionality. * Configuration: Environment variable expansion for external labels. Behind '--enable-feature=expand-external-labels' flag. * TSDB: Add a flag '--storage.tsdb.max-block-chunk-segment-size' to control the max chunks file size of the blocks for small Prometheus instances. * UI: Add a dark theme. * AWS Lightsail Discovery: Add AWS Lightsail Discovery.
#1175478 #1186242 #1186508 #1186581 #1186650
SLE-18254
Cross- CVE-2021-27962 CVE-2021-28146 CVE-2021-28147
CVE-2021-28148 CVE-2021-29622
CVSS scores:
CVE-2021-27962 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVE-2021-27962 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2021-28148 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29622 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
SUSE Manager Tools 12
https://www.suse.com/security/cve/CVE-2021-27962.html
https://www.suse.com/security/cve/CVE-2021-28146.html
https://www.suse.com/security/cve/CVE-2021-28147.html
https://www.suse.com/security/cve/CVE-2021-28148.html
Get the latest Linux and open source security news straight to your inbox.