openSUSE: Security Advisory for golang-github-prometheus-prometheus (openSUSE-SU-2021:2664-1)

The remote host is missing an update for the 'golang-github-prometheus-prometheus' package(s) announced via the openSUSE-SU-2021:2664-1 advisory.

This update for golang-github-prometheus-prometheus fixes the following issues: - Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE SLE15, SLE15 SP1, SLE15 SP2 - Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) + Features: * Promtool: Retroactive rule evaluation functionality. #7675 * Configuration: Environment variable expansion for external labels. Behind --enable-feature=expand-external-labels flag. #8649 * TSDB: Add a flag(--storage.tsdb.max-block-chunk-segment-size) to control the max chunks file size of the blocks for small Prometheus instances. * UI: Add a dark theme. #8604 * AWS Lightsail Discovery: Add AWS Lightsail Discovery. #8693 * Docker Discovery: Add Docker Service Discovery. #8629 * OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used. #8761 * Remote Write: Send exemplars via remote write. Experimental and disabled by default. #8296 + Enhancements: * Digital Ocean Discovery: Add __meta_digitalocean_vpc label. #8642 * Scaleway Discovery: Read Scaleway secret from a file. #8643 * Scrape: Add configurable limits for label size and count. #8777 * UI: Add 16w and 26w time range steps. #8656 * Templating: Enable parsing strings in humanize functions. #8682 + Bugfixes: * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659 * TSDB: Do not panic when writing very large records to the WAL. #8790 * TSDB: Avoid panic when mapped memory is referenced after the file is closed. #8723 * Scaleway Discovery: Fix nil pointer dereference. #8737 * Consul Discovery: Restart no longer required after config update with no targets. #8766 - Add tarball with vendor modules and web assets - Uyuni: Read formula data from exporters map - Uyuni: Add support for TLS targets - Upgrade to upstream version 2.26.0 + Changes * Alerting: Using Alertmanager v2 API by default. #8626 * Prometheus/Promtool: Binaries are now printing help and usage to stdout instead of stderr. #8542 + Features * Remote: Add support for AWS SigV4 auth method for remote_write. #8509 * PromQL: Allow negative offsets. Behind ... Description truncated. Please see the references for more information.

'golang-github-prometheus-prometheus' package(s) on openSUSE Leap 15.3.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).