-
Notifications
You must be signed in to change notification settings - Fork 21
/
Copy path2023.1-update-packages-and-containers-q2-2024-02ed375b9c73ac75.yaml
45 lines (42 loc) · 2.15 KB
/
2023.1-update-packages-and-containers-q2-2024-02ed375b9c73ac75.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
---
features:
- |
Bumped pulp repo versions for Q2 2024
Bumped Kolla image tags for Q2 2024
Bumped prometheus server from 2.38.0 to 2.51.1
Bumped prometheus alertmanager from 0.24.0 to 0.26.0
Bumped prometheus blackbox exporter from 0.23.0 to 0.25.0
Bumped prometheus cadvisor exporter from 0.48.0 to 0.49.1
Bumped prometheus haproxy exporter from 0.13.0 to 0.15.0
Bumped prometheus memcached exporter from 0.10.0 to 0.14.3
Bumped prometheus msteams from 1.5.1 to 1.5.2
Bumped prometheus mtail from 3.0.0-rc50 to 3.0.0-rc53
Bumped prometheus mysqld exporter from 0.15.0 to 0.15.1
Bumped prometheus node exporter from 1.4.0 to 1.7.0
Bumped prometheus openstack exporter from 1.6.0 to 1.7.0
Bumped prometheus ovn exporter from 1.0.6 to 1.0.7
Bumped opensearch from 2.11.1-1 to 2.13.0-1 (Rocky Linux 9)
Bumped opensearch from 2.12.0 to 2.13.0 (Ubuntu Jammy)
Bumped grafana from 10.1.5-1 to 10.4.2-1 (Rocky Linux 9)
Bumped grafana from 10.4.0 to 10.4.2 (Ubuntu Jammy)
security:
- |
Fixed CVE-2023-31047, CVE-2023-23969, CVE-2023-24580, CVE-2023-36053,
CVE-2023-46695, CVE-2023-30861, CVE-2022-4899. CVE-2024-1135,
GHSA-2m57-hf25-phgg, CVE-2023-0286, CVE-2023-50782, CVE-2024-26130
for openstack services.
Fixed CVE-2022-41723, CVE-2023-39325 (except prometheus-alertmanager,
prometheus-msteams-exporter, prometheus-haproxy-exporter,
prometheus-openstack-exporter. No patch available.), CVE-2021-43565,
CVE-2022-27191, CVE-2022-27664, CVE-2021-38561, CVE-2022-21698,
CVE-2021-4238, CVE-2022-40083, CVE-2022-41721, CVE-2021-33194,
CVE-2023-2253, CVE-2023-27561, CVE-2023-28840, CVE-2024-21626,
CVE-2022-32149, CVE-2023-45142, GHSA-m425-mq94-257g
for prometheus server and exporters except prometheus-libvirt-exporter
and prometheus-haproxy-exporter. (Source repository of each are archived
and no longer maintained)
Fixed CVE-2023-39325, CVE-2023-45142, CVE-2023-47108, CVE-2023-49568,
CVE-2023-49569, GHSA-9763-4f94-gfch, GHSA-m425-mq94-257g
for grafana.
It is advised to redeploy service with current version of images from
StackHPC Release Train.