This update fixes the following issues:
golang-github-lusitaniae-apache_exporter:
- Security issues fixed:
- CVE-2022-32149: Fix denial of service vulnerability (bsc#1204501)
- CVE-2022-41723: Fix uncontrolled resource consumption (bsc#1208270)
- CVE-2022-46146: Fix authentication bypass vulnarability (bsc#1208046)
- Changes and bugs fixed:
- Updated to 1.0.0 (jsc#PED-5405)
- Improved flag parsing
- Added support for custom headers
- Changes from 0.13.1
- Fix panic caused by missing flagConfig options
- Changes from 0.11.0 (jsc#SLE-24791)
- Add TLS support
- Switch to logger, please check --log.level and --log.format flags
- Changes from 0.10.1
- Bugfix: Reset ProxyBalancer metrics on each scrape to
remove stale data
- Changes from 0.10.0
- Add Apache Proxy and other metrics
- Changes from 0.8.0
- Change commandline flags
- Add metrics: Apache version, request duration total
- Changes from 0.7.0
- Changes from 0.6.0
- Add option to override host name
- Added support for Red Hat Enterprise Linux
- Added AppArmor profile
- Added sandboxing options to systemd service unit
- Build using promu
- Build with Go 1.19
- Exclude s390 architecture
golang-github-prometheus-node_exporter:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.
golang-github-QubitProducts-exporter_exporter:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.
prometheus-postgres_exporter:
-...