openSUSE Build Service

Marina Latini (deneb_alpha) accepted request 1166248 from

Witek Bedyk (witekbedyk) about 1 month ago (revision 35)

Marina Latini (deneb_alpha) accepted request 1156424 from

Witek Bedyk (witekbedyk) 2 months ago (revision 34)

Marina Latini (deneb_alpha) accepted request 1151166 from

Witek Bedyk (witekbedyk) 3 months ago (revision 33)

Raúl Osuna (raulosuna) accepted request 1139949 from

Witek Bedyk (witekbedyk) 4 months ago (revision 32)

Add and clean up Bugzilla references in the changelog.
In most cases Bugzilla references for CVEs have just been missing and have been
added.  
Some CVEs were referenced multiple times for several maintained upstream stable
branches. These redundunt CVE references have been cleaned up.  
CVE-2022-29170 affects Grafana Enterprise only and has been removed from the
changelog.

Marina Latini (deneb_alpha) accepted request 1106245 from

Witek Bedyk (witekbedyk) 8 months ago (revision 31)

Marina Latini (deneb_alpha) accepted request 1095361 from

Witek Bedyk (witekbedyk) 11 months ago (revision 30)

Marina Latini (deneb_alpha) accepted request 1083557 from

Witek Bedyk (witekbedyk) about 1 year ago (revision 29)

Julio González Gil (juliogonzalezgil) accepted request 1079075 from

Witek Bedyk (witekbedyk) about 1 year ago (revision 28)

Julio González Gil (juliogonzalezgil) accepted request 1071116 from

Witek Bedyk (witekbedyk) about 1 year ago (revision 27)

- Update to version 8.5.21:
  * Apply attribute sanitation to GeomapPanel
    (bsc#1208821, CVE-2023-0507)
  * Login: Fix panic when UpsertUser is called without ReqContext

Julio González Gil (juliogonzalezgil) accepted request 1067145 from

Witek Bedyk (witekbedyk) about 1 year ago (revision 26)

Update changelog (bsc#1208293, CVE-2022-41723)

Julio González Gil (juliogonzalezgil) accepted request 1066407 from

Witek Bedyk (witekbedyk) about 1 year ago (revision 25)

- Fix basic authentication bypass by updating the exporter toolkit
  to version 0.7.3 (bsc#1208065, CVE-2022-46146).
- Add:
  * 0002-Update-exporter-toolkit-to-version-0.7.3.patch
- Require Go 1.19 or newer

Julio González Gil (juliogonzalezgil) accepted request 1063753 from

Witek Bedyk (witekbedyk) over 1 year ago (revision 24)

- Update to version 8.5.20:
  * Security: SVG: Add dompurify preprocessor step
    (bsc#1207749, CVE-2022-23552)
  * Security: Snapshots: Fix originalUrl spoof security issue
    (bsc#1207750, CVE-2022-39324)
  * Security: Omit error from http response 
  * Bug fix: Email and username trimming and invitation validation

Julio González Gil (juliogonzalezgil) accepted request 1043336 from

Witek Bedyk (witekbedyk) over 1 year ago (revision 23)

Fix CVE reference in changelog

Julio González Gil (juliogonzalezgil) accepted request 1037466 from

Witek Bedyk (witekbedyk) over 1 year ago (revision 22)

Update to version 8.5.15 (jsc#PED-2617):

Julio González Gil (juliogonzalezgil) accepted request 1010462 from

Witek Bedyk (witekbedyk) over 1 year ago (revision 21)

Add ECO reference (jsc#PED-2145)

Julio González Gil (juliogonzalezgil) accepted request 998009 from

Witek Bedyk (witekbedyk) over 1 year ago (revision 20)

- Update to version 8.3.10
  + Security:
    * Fixes XSS vulnerability in the Unified Alerting
      (bsc#1201535, CVE-2022-31097)
    * Fixes OAuth account takeover vulnerability
      (bsc#1201539, CVE-2022-31107)
- Update to version 8.3.9
  + Bug fixes:
    * Geomap: Display legend
    * Prometheus: Fix timestamp truncation
- Update to version 8.3.7
  + Bug fix:
    * Provisioning: Ensure that the default value for orgID is set
      when provisioning datasources to be deleted.
- Update to version 8.3.6
  + Features and enhancements:
    * Cloud Monitoring: Reduce request size when listing labels.
    * Explore: Show scalar data result in a table instead of graph.
    * Snapshots: Updates the default external snapshot server URL.
    * Table: Makes footer not overlap table content.
    * Tempo: Add request histogram to service graph datalink.
    * Tempo: Add time range to tempo search query behind a feature flag.
    * Tempo: Auto-clear results when changing query type.
    * Tempo: Display start time in search results as relative time.
  + Bug fixes:
    * CloudMonitoring: Fix resource labels in query editor.
    * Cursor sync: Apply the settings without saving the dashboard.
    * LibraryPanels: Fix for Error while cleaning library panels.
    * Logs Panel: Fix timestamp parsing for string dates without timezone.
    * Prometheus: Fix some of the alerting queries that use reduce/math operation.

Julio González Gil (juliogonzalezgil) accepted request 953745 from

Witek Bedyk (witekbedyk) over 2 years ago (revision 19)

- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)

Jordi Massaguer (jordimassaguerpla) accepted request 942200 from

Witek Bedyk (witekbedyk) over 2 years ago (revision 18)

- Update to version 7.5.12:
  * Fix markdown path traversal (#42969, bsc#1193688, CVE-2021-43813)

Julio González Gil (juliogonzalezgil) accepted request 927460 from

Witek Bedyk (witekbedyk) over 2 years ago (revision 17)

- Add patch 0001-Add-source-code-reference.patch
  * Add URL to package source code in the login page footer

Julio González Gil (juliogonzalezgil) accepted request 904150 from

Witek Bedyk (witekbedyk) almost 3 years ago (revision 16)

- Update to version 7.5.7:
  * Updated relref to "Configuring exemplars" section (#34240) (#34243)
  * Added exemplar topic (#34147) (#34226)
  * Quota: Do not count folders towards dashboard quota (#32519) (#34025)
  * Instructions to separate emails with semicolons (#32499) (#34138)
  * Docs: Remove documentation of v8 generic OAuth feature (#34018)
  * Annotations: Prevent orphaned annotation tags cleanup when no annotations were cleaned (#33957) (#33975)
  * [GH-33898] Add missing --no-cache to Dockerfile. (#33906) (#33935)
  * ReleaseNotes: Updated changelog and release notes for 7.5.6 (#33932) (#33936)
  * Stop hoisting @icons/material (#33922)
  * Chore: fix react-color version in yarn.lock (#33914)
  * "Release: Updated versions in package to 7.5.6" (#33909)
  * Loki: fix label browser crashing when + typed (#33900) (#33901)
  * Document `hide_version` flag (#33670) (#33881)
  * Add isolation level db configuration parameter (#33830) (#33878)
  * Sanitize PromLink button (#33874) (#33876)
  * Removed content as per MarcusE's suggestion in https://github.com/grafana/grafana/issues/33822. (#33870) (#33872)
  * Docs feedback: /administration/provisioning.md (#33804) (#33842)
  * Docs: delete from high availability docs references to removed configurations related to session storage (#33827) (#33851)
  * Docs: Update _index.md (#33797) (#33799)
  * Docs: Update installation.md (#33656) (#33703)
  * GraphNG: uPlot 1.6.9 (#33598) (#33612)
  * dont consider invalid email address a failed email (#33671) (#33681)
  * InfluxDB: Improve measurement-autocomplete behavior in query editor (#33494) (#33625)
  * add template for dashboard url parameters  (#33549) (#33588)
  * Add note to Snapshot API doc to specify that user has to provide the entire dashboard model  (#33572) (#33586)
  * Update team.md (#33454) (#33536)
  * Removed duplicate file "dashboard_folder_permissions.md (#33497)
  * Document customQueryParameters for prometheus datasource provisioning (#33440) (#33495)
  * ReleaseNotes: Updated changelog and release notes for 7.5.5 (#33473) (#33492)

Places

Revisions of grafana

Places