|
| 1 | +--- |
| 2 | +features: |
| 3 | + - | |
| 4 | + Bumped pulp repo versions for Q2 2024 |
| 5 | + Bumped Kolla image tags for Q2 2024 |
| 6 | + Bumped prometheus server from 2.38.0 to 2.51.1 |
| 7 | + Bumped prometheus alertmanager from 0.24.0 to 0.26.0 |
| 8 | + Bumped prometheus blackbox exporter from 0.23.0 to 0.25.0 |
| 9 | + Bumped prometheus cadvisor exporter from 0.48.0 to 0.49.1 |
| 10 | + Bumped prometheus haproxy exporter from 0.13.0 to 0.15.0 |
| 11 | + Bumped prometheus memcached exporter from 0.10.0 to 0.14.3 |
| 12 | + Bumped prometheus msteams from 1.5.1 to 1.5.2 |
| 13 | + Bumped prometheus mtail from 3.0.0-rc50 to 3.0.0-rc53 |
| 14 | + Bumped prometheus mysqld exporter from 0.15.0 to 0.15.1 |
| 15 | + Bumped prometheus node exporter from 1.4.0 to 1.7.0 |
| 16 | + Bumped prometheus openstack exporter from 1.6.0 to 1.7.0 |
| 17 | + Bumped prometheus ovn exporter from 1.0.6 to 1.0.7 |
| 18 | + Bumped opensearch from 2.11.1-1 to 2.13.0-1 (Rocky Linux 9) |
| 19 | + Bumped opensearch from 2.12.0 to 2.13.0 (Ubuntu Jammy) |
| 20 | + Bumped grafana from 10.1.5-1 to 10.4.2-1 (Rocky Linux 9) |
| 21 | + Bumped grafana from 10.4.0 to 10.4.2 (Ubuntu Jammy) |
| 22 | +security: |
| 23 | + - | |
| 24 | + Fixed CVE-2023-31047, CVE-2023-23969, CVE-2023-24580, CVE-2023-36053, |
| 25 | + CVE-2023-46695, CVE-2023-30861, CVE-2022-4899. CVE-2024-1135, |
| 26 | + GHSA-2m57-hf25-phgg, CVE-2023-0286, CVE-2023-50782, CVE-2024-26130 |
| 27 | + for openstack services. |
| 28 | +
|
| 29 | + Fixed CVE-2022-41723, CVE-2023-39325 (except prometheus-alertmanager, |
| 30 | + prometheus-msteams-exporter, prometheus-haproxy-exporter, |
| 31 | + prometheus-openstack-exporter. No patch available.), CVE-2021-43565, |
| 32 | + CVE-2022-27191, CVE-2022-27664, CVE-2021-38561, CVE-2022-21698, |
| 33 | + CVE-2021-4238, CVE-2022-40083, CVE-2022-41721, CVE-2021-33194, |
| 34 | + CVE-2023-2253, CVE-2023-27561, CVE-2023-28840, CVE-2024-21626, |
| 35 | + CVE-2022-32149, CVE-2023-45142, GHSA-m425-mq94-257g |
| 36 | + for prometheus server and exporters except prometheus-libvirt-exporter |
| 37 | + and prometheus-haproxy-exporter. (Source repository of each are archived |
| 38 | + and no longer maintained) |
| 39 | +
|
| 40 | + Fixed CVE-2023-39325, CVE-2023-45142, CVE-2023-47108, CVE-2023-49568, |
| 41 | + CVE-2023-49569, GHSA-9763-4f94-gfch, GHSA-m425-mq94-257g |
| 42 | + for grafana. |
| 43 | +
|
| 44 | + It is advised to redeploy service with current version of images from |
| 45 | + StackHPC Release Train. |
0 commit comments