Security update for golang-github-prometheus-node_exporter
| Announcement ID: | SUSE-SU-2022:2137-1 |
|---|---|
| Rating: | important |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability, contains two features and has two security fixes can now be installed.
Description:
This update for golang-github-prometheus-node_exporter fixes the following issues:
-
CVE-2022-21698: Update vendor tarball with prometheus/client_golang 1.11.1 (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)
-
Update to 1.3.0
- [CHANGE] Add path label to rapl collector #2146
- [CHANGE] Exclude filesystems under /run/credentials #2157
- [CHANGE] Add TCPTimeouts to netstat default filter #2189
- [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
- [FEATURE] Add darwin powersupply collector #1777
- [FEATURE] Add support for monitoring GPUs on Linux #1998
- [FEATURE] Add Darwin thermal collector #2032
- [FEATURE] Add os release collector #2094
- [FEATURE] Add netdev.address-info collector #2105
- [FEATURE] Add clocksource metrics to time collector #2197
- [ENHANCEMENT] Support glob textfile collector directories #1985
- [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
- [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
- [ENHANCEMENT] Add flag to disable guest CPU metrics #2123
- [ENHANCEMENT] Add DMI collector #2131
- [ENHANCEMENT] Add threads metrics to processes collector #2164
- [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector #2169
- [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
- [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
- [BUGFIX] ethtool: Sanitize metric names #2093
- [BUGFIX] Fix ethtool collector for multiple interfaces #2126
- [BUGFIX] Fix possible panic on macOS #2133
- [BUGFIX] Collect flag_info and bug_info only for one core #2156
-
[BUGFIX] Prevent duplicate ethtool metric names #2187
-
Update to 1.2.2
-
Bug fixes Fix processes collector long int parsing #2112
-
Update to 1.2.1
- Removed Remove obsolete capture permission denied error patch that was already included upstream.
-
Bug fixes Fix zoneinfo parsing prometheus/procfs#386 Fix nvme collector log noise #2091 Fix rapl collector log noise #2092
-
Update to 1.2.0
- Changes Rename filesystem collector flags to match other collectors #2012 Make node_exporter print usage to STDOUT #203
- Features Add conntrack statistics metrics #1155 Add ethtool stats collector #1832 Add flag to ignore network speed if it is unknown #1989 Add tapestats collector for Linux #2044 Add nvme collector #2062
- Enhancements Add ErrorLog plumbing to promhttp #1887 Add more Infiniband counters #2019 netclass: retrieve interface names and filter before parsing #2033 Add time zone offset metric #2060
-
Bug fixes Handle errors from disabled PSI subsystem #1983 Fix panic when using backwards compatible flags #2000 Fix wrong value for OpenBSD memory buffer cache #2015 Only initiate collectors once #2048 Handle small backwards jumps in CPU idle #2067
-
Capture permission denied error for "energy_uj" file (bsc#1190535)
-
Update to 1.1.2
-
Bug fixes
- Handle errors from disabled PSI subsystem #1983
- Sanitize strings from /sys/class/power_supply #1984
- Silence missing netclass errors #1986
-
Trim old specfile constructs
-
Migrate to obs_scm
- Migrate to go_modules
- Update to 1.1.1
- Bug fixes
- Fix ineffassign issue #1957
- Fix some noisy log lines #1962
- Update to 1.1.0
- Changes
- Improve filter flag names #1743
- Add btrfs and powersupplyclass to list of exporters enabled by default #1897
- Features
- Add fibre channel collector #1786
- Expose cpu bugs and flags as info metrics. #1788
- Add network_route collector #1811
- Add zoneinfo collector #1922
- Enhancements
- Add more InfiniBand counters #1694
- Add flag to aggr ipvs metrics to avoid high cardinality metrics #1709
- Adding backlog/current queue length to qdisc collector #1732
- Include TCP OutRsts in netstat metrics #1733
- Add pool size to entropy collector #1753
- Remove CGO dependencies for OpenBSD amd64 #1774
- bcache: add writeback_rate_debug stats #1658
- Add check state for mdadm arrays via node_md_state metric #1810
- Expose XFS inode statistics #1870
- Expose zfs zpool state #1878
- Added an ability to pass collector.supervisord.url via SUPERVISORD_URL environment variable #1947
-
Bug fixes
- filesystem_freebsd: Fix label values #1728
- Fix various procfs parsing errors #1735
- Handle no data from powersupplyclass #1747
- udp_queues_linux.go: change upd to udp in two error strings #1769
- Fix node_scrape_collector_success behaviour #1816
- Fix NodeRAIDDegraded to not use a string rule expressions #1827
- Fix node_md_disks state label from fail to failed #1862
- Handle EPERM for syscall in timex collector #1938
- bcache: fix typo in a metric name #1943
- Fix XFS read/write stats (https://github.com/prometheus/procfs/pull/343)
-
Do not include sources (bsc#1151558)
- Remove rc symlink
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Server ESPOS 15
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2137=1 -
SUSE Linux Enterprise High Performance Computing 15 LTSS 15
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2137=1 -
SUSE Linux Enterprise Server 15 LTSS 15
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-2137=1 -
SUSE Linux Enterprise Server for SAP Applications 15
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-2137=1
Package List:
-
SUSE Linux Enterprise Server ESPOS 15 (aarch64 x86_64)
- golang-github-prometheus-node_exporter-1.3.0-150000.3.12.1
-
SUSE Linux Enterprise High Performance Computing 15 LTSS 15 (aarch64 x86_64)
- golang-github-prometheus-node_exporter-1.3.0-150000.3.12.1
-
SUSE Linux Enterprise Server 15 LTSS 15 (aarch64 ppc64le s390x x86_64)
- golang-github-prometheus-node_exporter-1.3.0-150000.3.12.1
-
SUSE Linux Enterprise Server for SAP Applications 15 (ppc64le x86_64)
- golang-github-prometheus-node_exporter-1.3.0-150000.3.12.1