Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE 15.6: 2025:0546-1 moderate: Prometheus error handling fix

suse
Calendar Grey February 14, 2025
Dist Suse Esm H88
The latest security patch for golang-github-prometheus-prometheus addresses CVE-2024-51744, providing important enhancements for SUSE system users.
* bsc#1232970 * jsc#MSQA-914 * jsc#PED-11649 Cross-References:

Summary

## golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649): * Security issues fixed: * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling (bsc#1232970) * Highlights of other changes: * Performance: * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations. * Default GOGC value lowered to 75 for better memory management. * Option to limit memory usage from dropped targets added. * New Features: * Experimental OpenTelemetry ingestion. * Automatic memory limit handling. * Native histogram support, including new functions, UI enhancements, and improved scraping.

Topics%20covered

Topics Covered

security advisory moderate security issue moderate severity patch SUSE error handling openSUSE SUSE Linux Enterprise golang prometheus go patch

References

* bsc#1232970

* jsc#MSQA-914

* jsc#PED-11649

Cross-

* CVE-2024-51744

CVSS scores:

* CVE-2024-51744 ( SUSE ): 2.1

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2024-51744 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

* CVE-2024-51744 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.6

* SUSE Linux Enterprise Desktop 15 SP6

* SUSE Linux Enterprise Real Time 15 SP6

* SUSE Linux Enterprise Server 15 SP6

* SUSE Linux Enterprise Server for SAP Applications 15 SP6

* SUSE Manager Proxy 4.3

* SUSE Manager Proxy 4.3 Module

* SUSE Manager Retail Branch Server 4.3

* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability and contains two features can now be

installed.

##

Announcement ID: SUSE-SU-2025:0546-1
Release Date: 2025-02-14T07:24:45Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security issue moderate severity patch SUSE error handling openSUSE SUSE Linux Enterprise golang prometheus go patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here