File _patchinfo of Package patchinfo.37102
<patchinfo incident="37102">
<issue tracker="ijsc" id="MSQA-914"/>
<issue tracker="jsc" id="PED-11649"/>
<issue tracker="cve" id="2024-51744"/>
<issue tracker="bnc" id="1232970">VUL-0: CVE-2024-51744: golang-github-prometheus-prometheus: github.com/golang-jwt/jwt/v4: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt</issue>
<packager>raulosuna</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for golang-github-prometheus-prometheus</summary>
<description>
golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649):

- Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling (bsc#1232970)
- Highlights of other changes:
  * Performance:
    + Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    + Default GOGC value lowered to 75 for better memory management.
    + Option to limit memory usage from dropped targets added.
  * New Features:
    + Experimental OpenTelemetry ingestion.
    + Automatic memory limit handling.
    + Native histogram support, including new functions, UI enhancements, and improved scraping.
    + Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    + Expanded service discovery options with added metadata and support for new services.
    + New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    + Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3
</description>
</patchinfo>