Security update for SUSE Manager Client Tools

Announcement ID:	SUSE-SU-2022:2134-1
Rating:	important
References:	bsc#1181223 bsc#1181400 bsc#1190462 bsc#1190535 bsc#1193600 bsc#1194873 bsc#1195726 bsc#1195727 bsc#1195728 bsc#1196338 bsc#1196704 bsc#1197507 bsc#1197689 jsc#SLE-23422 jsc#SLE-23439 jsc#SLE-24077 jsc#SLE-24238 jsc#SLE-24239
Cross-References:	CVE-2021-36222 CVE-2021-3711 CVE-2021-39226 CVE-2021-41174 CVE-2021-41244 CVE-2021-43798 CVE-2021-43813 CVE-2021-43815 CVE-2022-21673 CVE-2022-21698 CVE-2022-21702 CVE-2022-21703 CVE-2022-21713
CVSS scores:	CVE-2021-36222 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-36222 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-3711 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3711 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-39226 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2021-39226 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2021-41174 ( SUSE ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N CVE-2021-41174 ( NVD ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N CVE-2021-41244 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVE-2021-41244 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-43798 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-43798 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-43813 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-43813 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-43815 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-43815 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2022-21673 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2022-21673 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-21702 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N CVE-2022-21702 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2022-21703 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N CVE-2022-21703 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-21713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2022-21713 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products:	HPE Helion OpenStack 8 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise High Performance Computing 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3 BCL 12-SP3 SUSE Linux Enterprise Server 12 SP3 ESPOS 12-SP3 SUSE Linux Enterprise Server 12 SP3 LTSS 12-SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 SUSE Manager Client Tools for SLE 12 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9

An update that solves 13 vulnerabilities and contains five features can now be installed.

Description:

This update fixes the following issues:

golang-github-QubitProducts-exporter_exporter:

Adapted to build on Enterprise Linux.
Fix build for RedHat 7
Require Go >= 1.14 also for CentOS
Add support for CentOS
Replace %{?systemd_requires} with %{?systemd_ordering}

golang-github-prometheus-alertmanager:

CVE-2022-21698: Denial of service using InstrumentHandlerCounter.
Update vendor tarball with prometheus/client_golang 1.11.1 (bsc#1196338, jsc#SLE-24077)
Update required Go version to 1.16
Update to version 0.23.0:
amtool: Detect version drift and warn users (#2672)
Add ability to skip TLS verification for amtool (#2663)
Fix empty isEqual in amtool. (#2668)
Fix main tests (#2670)
cli: add new template render command (#2538)
OpsGenie: refer to alert instead of incident (#2609)
Docs: target_match and source_match are DEPRECATED (#2665)
Fix test not waiting for cluster member to be ready
Added hardening to systemd service(s) (bsc#1181400)

golang-github-prometheus-node_exporter:

CVE-2022-21698: Denial of service using InstrumentHandlerCounter.
Update vendor tarball with prometheus/client_golang 1.11.1 (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)
Update to 1.3.0
[CHANGE] Add path label to rapl collector #2146
[CHANGE] Exclude filesystems under /run/credentials #2157
[CHANGE] Add TCPTimeouts to netstat default filter #2189
[FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
[FEATURE] Add darwin powersupply collector #1777
[FEATURE] Add support for monitoring GPUs on Linux #1998
[FEATURE] Add Darwin thermal collector #2032
[FEATURE] Add os release collector #2094
[FEATURE] Add netdev.address-info collector #2105
[FEATURE] Add clocksource metrics to time collector #2197
[ENHANCEMENT] Support glob textfile collector directories #1985
[ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
[ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
[ENHANCEMENT] Add flag to disable guest CPU metrics #2123
[ENHANCEMENT] Add DMI collector #2131
[ENHANCEMENT] Add threads metrics to processes collector #2164
[ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector #2169
[ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
[ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
[BUGFIX] ethtool: Sanitize metric names #2093
[BUGFIX] Fix ethtool collector for multiple interfaces #2126
[BUGFIX] Fix possible panic on macOS #2133
[BUGFIX] Collect flag_info and bug_info only for one core #2156
[BUGFIX] Prevent duplicate ethtool metric names #2187
Update to 1.2.2
Bug fixes Fix processes collector long int parsing #2112
Update to 1.2.1
Removed Remove obsolete capture permission denied error patch that is already included upstream Fix zoneinfo parsing prometheus/procfs#386 Fix nvme collector log noise #2091 Fix rapl collector log noise #2092
Update to 1.2.0
Changes Rename filesystem collector flags to match other collectors #2012 Make node_exporter print usage to STDOUT #203
Features Add conntrack statistics metrics #1155 Add ethtool stats collector #1832 Add flag to ignore network speed if it is unknown #1989 Add tapestats collector for Linux #2044 Add nvme collector #2062
Enhancements Add ErrorLog plumbing to promhttp #1887 Add more Infiniband counters #2019 netclass: retrieve interface names and filter before parsing #2033 Add time zone offset metric #2060 Handle errors from disabled PSI subsystem #1983 Fix panic when using backwards compatible flags #2000 Fix wrong value for OpenBSD memory buffer cache #2015 Only initiate collectors once #2048 Handle small backwards jumps in CPU idle #2067
Apply patch to capture permission denied error for "energy_uj" file (bsc#1190535)

grafana:

Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)
Security:
- Fixes XSS vulnerability in handling data sources (bsc#1195726, CVE-2022-21702)
- Fixes cross-origin request forgery vulnerability (bsc#1195727, CVE-2022-21703)
- Fixes Insecure Direct Object Reference vulnerability in Teams API (bsc#1195728, CVE-2022-21713)
Update to Go 1.17.
Add build-time dependency on wire.
Update license to GNU Affero General Public License v3.0.
Update to version 8.3.4
- GetUserInfo: return an error if no user was found (bsc#1194873, CVE-2022-21673)
Features and enhancements:
- Alerting: Allow configuration of non-ready alertmanagers.
- Alerting: Allow customization of Google chat message.
- AppPlugins: Support app plugins with only default nav.
- InfluxDB: query editor: skip fields in metadata queries.
- Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels query in grafana.
- Prometheus: Forward oauth tokens after prometheus datasource migration.
Bug fixes:
- Azure Monitor: Bug fix for variable interpolations in metrics dropdowns.
- Azure Monitor: Improved error messages for variable queries.
- CloudMonitoring: Fixes broken variable queries that use group bys.
- Configuration: You can now see your expired API keys if you have no active ones.
- Elasticsearch: Fix handling multiple datalinks for a single field.
- Export: Fix error being thrown when exporting dashboards using query variables that reference the default datasource.
- ImportDashboard: Fixes issue with importing dashboard and name ending up in uid.
- Login: Page no longer overflows on mobile.
- Plugins: Set backend metadata property for core plugins.
- Prometheus: Fill missing steps with null values.
- Prometheus: Fix interpolation of $__rate_interval variable.
- Prometheus: Interpolate variables with curly brackets syntax.
- Prometheus: Respect the http-method data source setting.
- Table: Fixes issue with field config applied to wrong fields when hiding columns.
- Toolkit: Fix bug with rootUrls not being properly parsed when signing a private plugin.
- Variables: Fix so data source variables are added to adhoc configuration.
Plugin development fixes & changes:
- Toolkit: Revert build config so tslib is bundled with plugins to prevent plugins from crashing.
Update to version 8.3.3:
- BarChart: Use new data error view component to show actions in panel edit.
- CloudMonitor: Iterate over pageToken for resources.
- Macaron: Prevent WriteHeader invalid HTTP status code panic.
- AnnoListPanel: Fix interpolation of variables in tags.
- CloudWatch: Allow queries to have no dimensions specified.
- CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5 to 8.3.0.
- CloudWatch: Make sure MatchExact flag gets the right value.
- Dashboards: Fix so that empty folders can be deleted from the manage dashboards/folders page.
- InfluxDB: Improve handling of metadata query errors in InfluxQL.
- Loki: Fix adding of ad hoc filters for queries with parser and line_format expressions.
- Prometheus: Fix running of exemplar queries for non-histogram metrics.
- Prometheus: Interpolate template variables in interval.
- StateTimeline: Fix toolitp not showing when for frames with multiple fields.
- TraceView: Fix virtualized scrolling when trace view is opened in right pane in Explore.
- Variables: Fix repeating panels for on time range changed variables.
- Variables: Fix so queryparam option works for scoped
Update to version 8.3.2
Security: Fixes CVE-2021-43813 and CVE-2021-43815.
Update to version 8.3.1
Security: Fixes CVE-2021-43798.
Update to version 8.3.0
- Alerting: Prevent folders from being deleted when they contain alerts.
- Alerting: Show full preview value in tooltip.
- BarGauge: Limit title width when name is really long.
- CloudMonitoring: Avoid to escape regexps in filters.
- CloudWatch: Add support for AWS Metric Insights.
- TooltipPlugin: Remove other panels' shared tooltip in edit panel.
- Visualizations: Limit y label width to 40% of visualization width.
- Alerting: Clear alerting rule evaluation errors after intermittent failures.
- Alerting: Fix refresh on legacy Alert List panel.
- Dashboard: Fix queries for panels with non-integer widths.
- Explore: Fix url update inconsistency.
- Prometheus: Fix range variables interpolation for time ranges smaller than 1 second.
- ValueMappings: Fixes issue with regex value mapping that only sets color.
Update to version 8.3.0-beta2
Breaking changes:
- Grafana 8 Alerting enabled by default for installations that do not use legacy alerting.
- Keep Last State for "If execution error or timeout" when upgrading to Grafana 8 alerting.
- Alerting: Create DatasourceError alert if evaluation returns error.
- Alerting: Make Unified Alerting enabled by default for those who do not use legacy alerting.
- Alerting: Support mute timings configuration through the api for the embedded alert manager.
- CloudWatch: Add missing AWS/Events metrics.
- Docs: Add easier to find deprecation notices to certain data sources and to the changelog.
- Plugins Catalog: Enable install controls based on the pluginAdminEnabled flag.
- Table: Add space between values for the DefaultCell and JSONViewCell.
- Tracing: Make query editors available in dashboard for Tempo and Zipkin.
- AccessControl: Renamed orgs roles, removed fixed:orgs:reader introduced in beta1.
- Azure Monitor: Add trap focus for modals in grafana/ui and other small a11y fixes for Azure Monitor.
- CodeEditor: Prevent suggestions from being clipped.
- Dashboard: Fix cache timeout persistence.
- Datasource: Fix stable sort order of query responses.
- Explore: Fix error in query history when removing last item.
- Logs: Fix requesting of older logs when flipped order.
- Prometheus: Fix running of health check query based on access mode.
- TextPanel: Fix suggestions for existing panels.
- Tracing: Fix incorrect indentations due to reoccurring spanIDs.
- Tracing: Show start time of trace with milliseconds precision.
- Variables: Make renamed or missing variable section expandable.
- Select: Select menus now properly scroll during keyboard navigation.
Update to version 8.3.0-beta1
- Alerting: Add UI for contact point testing with custom annotations and labels.
- Alerting: Make alert state indicator in panel header work with Grafana 8 alerts.
- Alerting: Option for Discord notifier to use webhook name.
- Annotations: Deprecate AnnotationsSrv.
- Auth: Omit all base64 paddings in JWT tokens for the JWT auth.
- Azure Monitor: Clean up fields when editing Metrics.
- AzureMonitor: Add new starter dashboards.
- AzureMonitor: Add starter dashboard for app monitoring with Application Insights.
- Barchart/Time series: Allow x axis label.
- CLI: Improve error handling for installing plugins.
- CloudMonitoring: Migrate to use backend plugin SDK contracts.
- CloudWatch Logs: Add retry strategy for hitting max concurrent queries.
- CloudWatch: Add AWS RoboMaker metrics and dimension.
- CloudWatch: Add AWS Transfer metrics and dimension.
- Dashboard: replace datasource name with a reference object.
- Dashboards: Show logs on time series when hovering.
- Elasticsearch: Add support for Elasticsearch 8.0 (Beta).
- Elasticsearch: Add time zone setting to Date Histogram aggregation.
- Elasticsearch: Enable full range log volume histogram.
- Elasticsearch: Full range logs volume.
- Explore: Allow changing the graph type.
- Explore: Show ANSI colors when highlighting matched words in the logs panel.
- Graph(old) panel: Listen to events from Time series panel.
- Import: Load gcom dashboards from URL.
- LibraryPanels: Improves export and import of library panels between orgs.
- OAuth: Support PKCE.
- Panel edit: Overrides now highlight correctly when searching.
- PanelEdit: Display drag indicators on draggable sections.
- Plugins: Refactor Plugin Management.
- Prometheus: Add custom query parameters when creating PromLink url.
- Prometheus: Remove limits on metrics, labels, and values in Metrics Browser.
- StateTimeline: Share cursor with rest of the panels.
- Tempo: Add error details when json upload fails.
- Tempo: Add filtering for service graph query.
- Tempo: Add links to nodes in Service Graph pointing to Prometheus metrics.
- Time series/Bar chart panel: Add ability to sort series via legend.
- TimeSeries: Allow multiple axes for the same unit.
- TraceView: Allow span links defined on dataFrame.
- Transformations: Support a rows mode in labels to fields.
- ValueMappings: Don't apply field config defaults to time fields.
- Variables: Only update panels that are impacted by variable change.
- API: Fix dashboard quota limit for imports.
- Alerting: Fix rule editor issues with Azure Monitor data source.
- Azure monitor: Make sure alert rule editor is not enabled when template variables are being used.
- CloudMonitoring: Fix annotation queries.
- CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor.
- Dashboard: Remove the current panel from the list of options in the Dashboard datasource.
- Encryption: Fix decrypting secrets in alerting migration.
- InfluxDB: Fix corner case where index is too large in ALIAS
- NavBar: Order App plugins alphabetically.
- NodeGraph: Fix zooming sensitivity on touchpads.
- Plugins: Add OAuth pass-through logic to api/ds/query endpoint.
- Snapshots: Fix panel inspector for snapshot data.
- Tempo: Fix basic auth password reset on adding tag.
- ValueMapping: Fixes issue with regex mappings.
- grafana/ui: Enable slider marks display.
Update to version 8.2.7
Update to version 8.2.6
- Security: Upgrade Docker base image to Alpine 3.14.3.
- Security: Upgrade Go to 1.17.2.
- TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated series.
Update to version 8.2.5
- Fix No Data behaviour in Legacy Alerting.
- Alerting: Fix a bug where the metric in the evaluation string was not correctly populated.
- Alerting: Fix no data behaviour in Legacy Alerting for alert rules using the AND operator.
- CloudMonitoring: Ignore min and max aggregation in MQL queries.
- Dashboards: 'Copy' is no longer added to new dashboard titles.
- DataProxy: Fix overriding response body when response is a WebSocket upgrade.
- Elasticsearch: Use field configured in query editor as field for date_histogram aggregations.
- Explore: Fix running queries without a datasource property set.
- InfluxDB: Fix numeric aliases in queries.
- Plugins: Ensure consistent plugin settings list response.
- Tempo: Fix validation of float durations.
- Tracing: Correct tags for each span are shown.
Update to version 8.2.4
Security: Fixes CVE-2021-41244.
Update to version 8.2.3
Security: Fixes CVE-2021-41174.
Update to version 8.2.2
- Annotations: We have improved tag search performance.
- Application: You can now configure an error-template title.
- AzureMonitor: We removed a restriction from the resource filter query.
- Packaging: We removed the ProcSubset option in systemd. This option prevented Grafana from starting in LXC environments.
- Prometheus: We removed the autocomplete limit for metrics.
- Table: We improved the styling of the type icons to make them more distinct from column / field name.
- ValueMappings: You can now use value mapping in stat, gauge, bar gauge, and pie chart visualizations.
- Alerting: Fix panic when Slack's API sends unexpected response.
- Alerting: The Create Alert button now appears on the dashboard panel when you are working with a default datasource.
- Explore: We fixed the problem where the Explore log panel disappears when an Elasticsearch logs query returns no results.
- Graph: You can now see annotation descriptions on hover.
- Logs: The system now uses the JSON parser only if the line is parsed to an object.
- Prometheus: We fixed the issue where the system did not reuse TCP connections when querying from Grafana alerting.
- Prometheus: We fixed the problem that resulted in an error when a user created a query with a $__interval min step.
- RowsToFields: We fixed the issue where the system was not properly interpreting number values.
- Scale: We fixed how the system handles NaN percent when data min = data max.
- Table panel: You can now create a filter that includes special characters.
Update to version 8.2.1
- Dashboard: Fix rendering of repeating panels.
- Datasources: Fix deletion of data source if plugin is not found.
- Packaging: Remove systemcallfilters sections from systemd unit files.
- Prometheus: Add Headers to HTTP client options.
Update to version 8.2.0
- AWS: Updated AWS authentication documentation.
- Alerting: Added support Alertmanager data source for upstream Prometheus AM implementation.
- Alerting: Allows more characters in label names so notifications are sent.
- Alerting: Get alert rules for a dashboard or a panel using /api/v1/rules endpoints.
- Annotations: Improved rendering performance of event markers.
- CloudWatch Logs: Skip caching for log queries.
- Explore: Added an opt-in configuration for Node Graph in Jaeger, Zipkin, and Tempo.
- Packaging: Add stricter systemd unit options.
- Prometheus: Metrics browser can now handle label values with
- CodeEditor: Ensure that we trigger the latest onSave callback provided to the component.
- DashboardList/AlertList: Fix for missing All folder value.
- Plugins: Create a mock icon component to prevent console errors.
Update to version 8.2.0-beta2
- AccessControl: Document new permissions restricting data source access.
- TimePicker: Add fiscal years and search to time picker.
- Alerting: Added support for Unified Alerting with Grafana HA.
- Alerting: Added support for tune rule evaluation using configuration options.
- Alerting: Cleanups alertmanager namespace from key-value store when disabling Grafana 8 alerts.
- Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations.
- CloudWatch: Introduced new math expression where it is necessary to specify the period field.
- InfluxDB: Added support for $__interval and $__interval_ms in Flux queries for alerting.
- InfluxDB: Flux queries can use more precise start and end timestamps with nanosecond-precision.
- Plugins Catalog: Make the catalog the default way to interact with plugins.
- Prometheus: Removed autocomplete limit for metrics.
- Alerting: Fixed an issue where the edit page crashes if you tried to preview an alert without a condition set.
- Alerting: Fixed rules migration to keep existing Grafana 8 alert rules.
- Alerting: Fixed the silence file content generated during
- Analytics: Fixed an issue related to interaction event propagation in Azure Application Insights.
- BarGauge: Fixed an issue where the cell color was lit even though there was no data.
- BarGauge: Improved handling of streaming data.
- CloudMonitoring: Fixed INT64 label unmarshal error.
- ConfirmModal: Fixes confirm button focus on modal open.
- Dashboard: Add option to generate short URL for variables with values containing spaces.
- Explore: No longer hides errors containing refId property.
- Fixed an issue that produced State timeline panel tooltip error when data was not in sync.
- InfluxDB: InfluxQL query editor is set to always use resultFormat.
- Loki: Fixed creating context query for logs with parsed labels.
- PageToolbar: Fixed alignment of titles.
- Plugins Catalog: Update to the list of available panels after an install, update or uninstall.
- TimeSeries: Fixed an issue where the shared cursor was not showing when hovering over in old Graph panel.
- Variables: Fixed issues related to change of focus or refresh pages when pressing enter in a text box variable input.
- Variables: Panel no longer crash when using the adhoc variable in data links.
Update to version 8.2.0-beta1
- AccessControl: Introduce new permissions to restrict access for reloading provisioning configuration.
- Alerting: Add UI to edit Cortex/Loki namespace, group names, and group evaluation interval.
- Alerting: Add a Test button to test contact point.
- Alerting: Allow creating/editing recording rules for Loki and Cortex.
- Alerting: Metrics should have the label org instead of user.
- Alerting: Sort notification channels by name to make them easier to locate.
- Alerting: Support org level isolation of notification
- AzureMonitor: Add data links to deep link to Azure Portal Azure Resource Graph.
- AzureMonitor: Add support for annotations from Azure Monitor Metrics and Azure Resource Graph services.
- AzureMonitor: Show error message when subscriptions request fails in ConfigEditor.
- Chore: Update to Golang 1.16.7.
- CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs.
- CloudWatch Logs: Disable query path using websockets (Live) feature.
- CloudWatch/Logs: Don't group dataframes for non time series
- Cloudwatch: Migrate queries that use multiple stats to one query per stat.
- Dashboard: Keep live timeseries moving left (v2).
- Datasources: Introduce response_limit for datasource responses.
- Explore: Add filter by trace or span ID to trace to logs
- Explore: Download traces as JSON in Explore Inspector.
- Explore: Reuse Dashboard's QueryRows component.
- Explore: Support custom display label for derived fields buttons for Loki datasource.
- Grafana UI: Update monaco-related dependencies.
- Graphite: Deprecate browser access mode.
- InfluxDB: Improve handling of intervals in alerting.
- InfluxDB: InfluxQL query editor: Handle unusual characters in tag values better.
- Jaeger: Add ability to upload JSON file for trace data.
- LibraryElements: Enable specifying UID for new and existing library elements.
- LibraryPanels: Remove library panel icon from the panel header so you can no longer tell that a panel is a library panel from the dashboard view.
- Logs panel: Scroll to the bottom on page refresh when sorting in ascending order.
- Loki: Add fuzzy search to label browser.
- Navigation: Implement active state for items in the Sidemenu.
- Packaging: Update PID file location from /var/run to /run.
- Plugins: Add Hide OAuth Forward config option.
- Postgres/MySQL/MSSQL: Add setting to limit the maximum number of rows processed.
- Prometheus: Add browser access mode deprecation warning.
- Prometheus: Add interpolation for built-in-time variables to backend.
- Tempo: Add ability to upload trace data in JSON format.
- TimeSeries/XYChart: Allow grid lines visibility control in XYChart and TimeSeries panels.
- Transformations: Convert field types to time string number or boolean.
- Value mappings: Add regular-expression based value mapping.
- Zipkin: Add ability to upload trace JSON.
- Admin: Prevent user from deleting user's current/active organization.
- LibraryPanels: Fix library panel getting saved in the dashboard's folder.
- OAuth: Make generic teams URL and JMES path configurable.
- QueryEditor: Fix broken copy-paste for mouse middle-click
- Thresholds: Fix undefined color in "Add threshold".
- Timeseries: Add wide-to-long, and fix multi-frame output.
- TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set to All.
- Grafana UI: Fix TS error property css is missing in type.
Update to version 8.1.8
Update to version 8.1.7
- Alerting: Fix alerts with evaluation interval more than 30 seconds resolving before notification.
- Elasticsearch/Prometheus: Fix usage of proper SigV4 service namespace.
Update to version 8.1.6
Security: Fixes CVE-2021-39226.
Update to version 8.1.5
- BarChart: Fixes panel error that happens on second refresh.
Update to version 8.1.4
Features and enhancements
- Explore: Ensure logs volume bar colors match legend colors.
- LDAP: Search all DNs for users.
- Alerting: Fix notification channel migration.
- Annotations: Fix blank panels for queries with unknown data sources.
- BarChart: Fix stale values and x axis labels.
- Graph: Make old graph panel thresholds work even if ngalert is enabled.
- InfluxDB: Fix regex to identify / as separator.
- LibraryPanels: Fix update issues related to library panels in rows.
- Variables: Fix variables not updating inside a Panel when the preceding Row uses "Repeat For".
Update to version 8.1.3
Bug fixes
- Alerting: Fix alert flapping in the internal alertmanager.
- Alerting: Fix request handler failed to convert dataframe "results" to plugins.DataTimeSeriesSlice: input frame is not recognized as a time series.
- Dashboard: Fix UIDs are not preserved when importing/creating dashboards thru importing .json file.
- Dashboard: Forces panel re-render when exiting panel edit.
- Dashboard: Prevent folder from changing when navigating to general settings.
- Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix CVE-2021-3711.
- Elasticsearch: Fix metric names for alert queries.
- Elasticsearch: Limit Histogram field parameter to numeric values.
- Elasticsearch: Prevent pipeline aggregations to show up in terms order by options.
- LibraryPanels: Prevent duplicate repeated panels from being created.
- Loki: Fix ad-hoc filter in dashboard when used with parser.
- Plugins: Track signed files + add warn log for plugin assets which are not signed.
- Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly.
- Prometheus: Fix validate selector in metrics browser.
- Security: Fix stylesheet injection vulnerability.
- Security: Fix short URL vulnerability.
Update to version 8.1.2
- AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers.
- Datasource: Change HTTP status code for failed datasource health check to 400.
- Explore: Add span duration to left panel in trace viewer.
- Plugins: Use file extension allowlist when serving plugin assets instead of checking for UNIX executable.
- Profiling: Add support for binding pprof server to custom network interfaces.
- Search: Make search icon keyboard navigable.
- Template variables: Keyboard navigation improvements.
- Tooltip: Display ms within minute time range.
- Alerting: Fix saving LINE contact point.
- Annotations: Fix alerting annotation coloring.
- Annotations: Alert annotations are now visible in the correct Panel.
- Auth: Hide SigV4 config UI and disable middleware when its config flag is disabled.
- Dashboard: Prevent incorrect panel layout by comparing window width against theme breakpoints.
- Explore: Fix showing of full log context.
- PanelEdit: Fix 'Actual' size by passing the correct panel size to Dashboard.
- Plugins: Fix TLS datasource settings.
- Variables: Fix issue with empty drop downs on navigation.
- Variables: Fix URL util converting false into true.
- Toolkit: Fix matchMedia not found error.
Update to version 8.1.1
- CloudWatch Logs: Fix crash when no region is selected.
Update to version 8.1.0
- Alerting: Deduplicate receivers during migration.
- ColorPicker: Display colors as RGBA.
- Select: Make portalling the menu opt-in, but opt-in everywhere.
- TimeRangePicker: Improve accessibility.
- Annotations: Correct annotations that are displayed upon page refresh.
- Annotations: Fix Enabled button that disappeared from Grafana v8.0.6.
- Annotations: Fix data source template variable that was not available for annotations.
- AzureMonitor: Fix annotations query editor that does not load.
- Geomap: Fix scale calculations.
- GraphNG: Fix y-axis autosizing.
- Live: Display stream rate and fix duplicate channels in list
- Loki: Update labels in log browser when time range changes in dashboard.
- NGAlert: Send resolve signal to alertmanager on alerting -> Normal.
- PasswordField: Prevent a password from being displayed when you click the Enter button.
- Renderer: Remove debug.log file when Grafana is stopped.
- Security: Update dependencies to fix CVE-2021-36222.
Update to version 8.1.0-beta3
- Alerting: Support label matcher syntax in alert rule list filter.
- IconButton: Put tooltip text as aria-label.
- Live: Experimental HA with Redis.
- UI: FileDropzone component.
- CloudWatch: Add AWS LookoutMetrics.
- Docker: Fix builds by delaying go mod verify until all required files are copied over.
- Exemplars: Fix disable exemplars only on the query that failed.
- SQL: Fix SQL dataframe resampling (fill mode + time intervals).
Update to version 8.1.0-beta2
- Alerting: Expand the value string in alert annotations and
- Auth: Add Azure HTTP authentication middleware.
- Auth: Auth: Pass user role when using the authentication proxy.
- Gazetteer: Update countries.json file to allow for linking to 3-letter country codes.
- Config: Fix Docker builds by correcting formatting in sample.ini.
- Explore: Fix encoding of internal URLs.
Update to version 8.1.0-beta1
- Alerting: Add Alertmanager notifications tab.
- Alerting: Add button to deactivate current Alertmanager
- Alerting: Add toggle in Loki/Prometheus data source configuration to opt out of alerting UI.
- Alerting: Allow any "evaluate for" value >=0 in the alert rule form.
- Alerting: Load default configuration from status endpoint, if Cortex Alertmanager returns empty user configuration.
- Alerting: view to display alert rule and its underlying data.
- Annotation panel: Release the annotation panel.
- Annotations: Add typeahead support for tags in built-in annotations.
- AzureMonitor: Add curated dashboards for Azure services.
- AzureMonitor: Add support for deep links to Microsoft Azure portal for Metrics.
- AzureMonitor: Remove support for different credentials for Azure Monitor Logs.
- AzureMonitor: Support querying any Resource for Logs queries.
- Elasticsearch: Add frozen indices search support.
- Elasticsearch: Name fields after template variables values instead of their name.
- Elasticsearch: add rate aggregation.
- Email: Allow configuration of content types for email notifications.
- Explore: Add more meta information when line limit is hit.
- Explore: UI improvements to trace view.
- FieldOverrides: Added support to change display name in an override field and have it be matched by a later rule.
- HTTP Client: Introduce dataproxy_max_idle_connections config variable.
- InfluxDB: InfluxQL: adds tags to timeseries data.
- InfluxDB: InfluxQL: make measurement search case insensitive. Legacy Alerting: Replace simplejson with a struct in webhook notification channel.
- Legend: Updates display name for Last (not null) to just Last*.
- Logs panel: Add option to show common labels.
- Loki: Add $__range variable.
- Loki: Add support for "label_values(log stream selector, label)" in templating.
- Loki: Add support for ad-hoc filtering in dashboard.
- MySQL Datasource: Add timezone parameter.
- NodeGraph: Show gradient fields in legend.
- PanelOptions: Don't mutate panel options/field config object when updating.
- PieChart: Make pie gradient more subtle to match other charts.
- Prometheus: Update PromQL typeahead and highlighting.
- Prometheus: interpolate variable for step field.
- Provisioning: Improve validation by validating across all dashboard providers.
- SQL Datasources: Allow multiple string/labels columns with time series.
- Select: Portal select menu to document.body.
- Team Sync: Add group mapping to support team sync in the Generic OAuth provider.
- Tooltip: Make active series more noticeable.
- Tracing: Add support to configure trace to logs start and end time.
- Transformations: Skip merge when there is only a single data frame.
- ValueMapping: Added support for mapping text to color, boolean values, NaN and Null. Improved UI for value mapping.
- Visualizations: Dynamically set any config (min, max, unit, color, thresholds) from query results.
- live: Add support to handle origin without a value for the port when matching with root_url.
- Alerting: Handle marshaling Inf values.
- AzureMonitor: Fix macro resolution for template variables.
- AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes resources.
- AzureMonitor: Request and concat subsequent resource pages.
- Bug: Fix parse duration for day.
- Datasources: Improve error handling for error messages.
- Explore: Correct the functionality of shift-enter shortcut