[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2021:2664-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":20,"modified_at":21,"state":9,"summary":22,"references_raw":24,"kevs":41,"epss":9,"epss_history":42,"metrics":43,"affected":44},"SUSE-SU-2021:2664-1","Security update for golang-github-prometheus-prometheus\n\nThis update for golang-github-prometheus-prometheus fixes the following issues:\n\n- Provide and reload firewalld configuration only for:\n  + openSUSE Leap 15.0, 15.1, 15.2\n  + SUSE SLE15, SLE15 SP1, SLE15 SP2\n- Upgrade to upstream version 2.27.1 (jsc#SLE-18254)\n  + Bugfix:\n   * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242)\n  + Features:\n    * Promtool: Retroactive rule evaluation functionality. #7675\n    * Configuration: Environment variable expansion for external labels. Behind --enable-feature=expand-external-labels flag. #8649\n    * TSDB: Add a flag(--storage.tsdb.max-block-chunk-segment-size) to control the max chunks file size of the blocks \n      for small Prometheus instances.\n    * UI: Add a dark theme. #8604\n    * AWS Lightsail Discovery: Add AWS Lightsail Discovery. #8693\n    * Docker Discovery: Add Docker Service Discovery. #8629\n    * OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used. #8761\n    * Remote Write: Send exemplars via remote write. Experimental and disabled by default. #8296\n  + Enhancements:\n    * Digital Ocean Discovery: Add __meta_digitalocean_vpc label. #8642\n    * Scaleway Discovery: Read Scaleway secret from a file. #8643\n    * Scrape: Add configurable limits for label size and count. #8777\n    * UI: Add 16w and 26w time range steps. #8656\n    * Templating: Enable parsing strings in humanize functions. #8682\n  + Bugfixes:\n    * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659\n    * TSDB: Do not panic when writing very large records to the WAL. #8790\n    * TSDB: Avoid panic when mmaped memory is referenced after the file is closed. #8723\n    * Scaleway Discovery: Fix nil pointer dereference. #8737\n    * Consul Discovery: Restart no longer required after config update with no targets. #8766\n- Add tarball with vendor modules and web assets\n- Uyuni: Read formula data from exporters map\n- Uyuni: Add support for TLS targets\n- Upgrade to upstream version 2.26.0\n  + Changes\n    * Alerting: Using Alertmanager v2 API by default. #8626\n    * Prometheus/Promtool: Binaries are now printing help and usage to stdout instead of stderr. #8542\n  + Features\n    * Remote: Add support for AWS SigV4 auth method for remote_write. #8509\n    * PromQL: Allow negative offsets. Behind --enable-feature=promql-negative-offset flag. #8487\n    * UI: Add advanced auto-completion, syntax highlighting and linting to graph page query input. #8634\n  + Enhancements\n    * PromQL: Add last_over_time, sgn, clamp functions. #8457\n    * Scrape: Add support for specifying type of Authorization header credentials with Bearer by default. #8512\n    * Scrape: Add follow_redirects option to scrape configuration. #8546\n    * Remote: Allow retries on HTTP 429 response code for remote_write. #8237 #8477\n    * Remote: Allow configuring custom headers for remote_read. #8516\n    * UI: Hitting Enter now triggers new query. #8581\n    * UI: Better handling of long rule and names on the /rules and /targets pages. #8608 #8609\n    * UI: Add collapse/expand all button on the /targets page. #8486\n- Upgrade to upstream version 2.25.0\n  + Features\n    * Include a new `--enable-feature=` flag that enables experimental features.\n  + Enhancements\n    * Add optional name property to testgroup for better test failure output. #8440\n    * Add warnings into React Panel on the Graph page. #8427\n    * TSDB: Increase the number of buckets for the compaction duration metric. #8342\n    * Remote: Allow passing along custom remote_write HTTP headers. #8416\n    * Mixins: Scope grafana configuration. #8332\n    * Kubernetes SD: Add endpoint labels metadata. #8273\n    * UI: Expose total number of label pairs in head in TSDB stats page. #8343\n    * TSDB: Reload blocks every minute, to detect new blocks and enforce retention more often. #8343\n  + Bug fixes\n    * API: Fix global URL when external address has no port. #8359\n    * Deprecate unused flag --alertmanager.timeout. #8407\n- Upgrade to upstream version 2.24.1\n  + Enhancements\n    * Cache basic authentication results to significantly improve performance of HTTP endpoints.\n- Upgrade to upstream version 2.24.0\n  + Features\n    * Add TLS and basic authentication to HTTP endpoints. #8316\n    * promtool: Add check web-config subcommand to check web config files. #8319\n    * promtool: Add tsdb create-blocks-from openmetrics subcommand to backfill metrics data from an OpenMetrics file.\n  + Enhancements\n    * HTTP API: Fast-fail queries with only empty matchers. #8288\n    * HTTP API: Support matchers for labels API. #8301\n    * promtool: Improve checking of URLs passed on the command line. #7956\n    * SD: Expose IPv6 as a label in EC2 SD. #7086\n    * SD: Reuse EC2 client, reducing frequency of requesting credentials. #8311\n    * TSDB: Add logging when compaction takes more than the block time range. #8151\n    * TSDB: Avoid unnecessary GC runs after compaction. #8276\n- Upgrade to upstream version 2.23.0\n  + Changes\n    * UI: Make the React UI default. #8142\n    * Remote write: The following metrics were removed/renamed in remote write. #6815\n      > prometheus_remote_storage_succeeded_samples_total was removed and prometheus_remote_storage_samples_total \n      was introduced for all the samples attempted to send.\n      > prometheus_remote_storage_sent_bytes_total was removed and replaced with \n      prometheus_remote_storage_samples_bytes_total and prometheus_remote_storage_metadata_bytes_total.\n      > prometheus_remote_storage_failed_samples_total -> prometheus_remote_storage_samples_failed_total .\n      > prometheus_remote_storage_retried_samples_total -> prometheus_remote_storage_samples_retried_total.\n      > prometheus_remote_storage_dropped_samples_total -> prometheus_remote_storage_samples_dropped_total.\n      > prometheus_remote_storage_pending_samples -> prometheus_remote_storage_samples_pending.\n    * Remote: Do not collect non-initialized timestamp metrics. #8060\n  + Enhancements\n    * Remote write: Added a metric prometheus_remote_storage_max_samples_per_send for remote write. #8102\n    * TSDB: Make the snapshot directory name always the same length. #8138\n    * TSDB: Create a checkpoint only once at the end of all head compactions. #8067\n    * TSDB: Avoid Series API from hitting the chunks. #8050\n    * TSDB: Cache label name and last value when adding series during compactions making compactions faster. #8192\n    * PromQL: Improved performance of Hash method making queries a bit faster. #8025\n    * promtool: tsdb list now prints block sizes. #7993\n    * promtool: Calculate mint and maxt per test avoiding unnecessary calculations. #8096\n    * SD: Add filtering of services to Docker Swarm SD. #8074\n- Uyuni: `hostname` label is now set to FQDN instead of IP\n- Update to upstream version 2.22.1\n- Update packaging\n  * Remove systemd and shadow hard requirements\n  * use systemd-sysusers to configure the user in a dedicated 'system-user-prometheus' subpackage\n  * add 'prometheus' package alias\n  + Add support for Prometheus exporters proxy\n- Remove prometheus.firewall.xml source file\n- Remove firewalld files. They are installed in the main firewalld\n  package.\n  ",null,[],[],[],[14],{"_key":15},"CVE-2021-29622",[],[],[19],{"_key":15},"2021-08-12T10:02:35Z","2026-02-04T02:34:02.255120Z",{"cisa_kev":23,"cisa_ransomware":23,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[25,31,36],{"url":26,"sources":27,"tags":29},"https://www.suse.com/support/update/announcement/2021/suse-su-20212664-1/",[28],"osv_suse",[30],"Advisory",{"url":32,"sources":33,"tags":34},"https://bugzilla.suse.com/1186242",[28],[35],"REPORT",{"url":37,"sources":38,"tags":39},"https://www.suse.com/security/cve/CVE-2021-29622",[28],[40],"WEB",[],[],[],[45],{"ecosystem":46,"name":47,"vendor":48,"product":49,"cpe_part":9,"purl_type":50,"purl_namespace":48,"purl_name":49,"source":9,"versions":51},"SUSE Linux Enterprise","golang-github-prometheus-prometheus","suse","golang-github-prometheus-prometheus&distro=SUSE Enterprise Storage 6","rpm",[52],{"version":53,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":57,"fixed_in":9},"lt2_27_1_3_8_1",true,"ecosystem","2.27.1-3.8.1","excluding"]