diff --git a/core/prometheus/1.1.67/CHANGELOG.md b/core/prometheus/1.1.68/CHANGELOG.md similarity index 88% rename from core/prometheus/1.1.67/CHANGELOG.md rename to core/prometheus/1.1.68/CHANGELOG.md index 45ab1f100c7..272d443ae76 100644 --- a/core/prometheus/1.1.67/CHANGELOG.md +++ b/core/prometheus/1.1.68/CHANGELOG.md @@ -1,6 +1,19 @@ # Changelog
+ +### [prometheus-1.1.68](https://github.com/truecharts/apps/compare/prometheus-1.1.67...prometheus-1.1.68) (2022-02-26) + +#### Chore + +* rename `web_portal` to `open` ([#1957](https://github.com/truecharts/apps/issues/1957)) + +#### Fix + +* don't export node-exporter on host + + + ### [prometheus-1.1.67](https://github.com/truecharts/apps/compare/prometheus-1.1.66...prometheus-1.1.67) (2022-02-22) @@ -84,16 +97,3 @@ ### [prometheus-1.1.58](https://github.com/truecharts/apps/compare/uptimerobot-prometheus-2.0.18...prometheus-1.1.58) (2022-02-06) - -#### Chore - -* update helm chart common to v8.15.0 ([#1859](https://github.com/truecharts/apps/issues/1859)) -* update docker general non-major ([#1855](https://github.com/truecharts/apps/issues/1855)) - - - - -### [prometheus-1.1.57](https://github.com/truecharts/apps/compare/prometheus-1.1.56...prometheus-1.1.57) (2022-02-05) - -#### Chore - diff --git a/core/prometheus/1.1.67/CONFIG.md b/core/prometheus/1.1.68/CONFIG.md similarity index 100% rename from core/prometheus/1.1.67/CONFIG.md rename to core/prometheus/1.1.68/CONFIG.md diff --git a/core/prometheus/1.1.67/Chart.lock b/core/prometheus/1.1.68/Chart.lock similarity index 88% rename from core/prometheus/1.1.67/Chart.lock rename to core/prometheus/1.1.68/Chart.lock index cb0c69e41f0..4ca6b86d9a6 100644 --- a/core/prometheus/1.1.67/Chart.lock +++ b/core/prometheus/1.1.68/Chart.lock @@ -9,4 +9,4 @@ dependencies: repository: https://charts.bitnami.com/bitnami version: 2.2.8 digest: sha256:ca8f0dcdbea7bdadafbb5caef58b2dab8c9b1d94284fbddec30e9b1da9c91562 -generated: "2022-02-22T14:57:05.734295589Z" +generated: "2022-02-26T00:10:36.975277248Z" diff --git a/core/prometheus/1.1.67/Chart.yaml b/core/prometheus/1.1.68/Chart.yaml similarity index 98% rename from core/prometheus/1.1.67/Chart.yaml rename to core/prometheus/1.1.68/Chart.yaml index dc3873f1c18..fcfa980b742 100644 --- a/core/prometheus/1.1.67/Chart.yaml +++ b/core/prometheus/1.1.68/Chart.yaml @@ -28,7 +28,7 @@ sources: - https://github.com/prometheus-community/helm-charts - https://github.com/prometheus-operator/kube-prometheus type: application -version: 1.1.67 +version: 1.1.68 annotations: truecharts.org/catagories: | - metrics diff --git a/core/prometheus/1.1.67/README.md b/core/prometheus/1.1.68/README.md similarity index 100% rename from core/prometheus/1.1.67/README.md rename to core/prometheus/1.1.68/README.md diff --git a/core/prometheus/1.1.67/app-readme.md b/core/prometheus/1.1.68/app-readme.md similarity index 100% rename from core/prometheus/1.1.67/app-readme.md rename to core/prometheus/1.1.68/app-readme.md diff --git a/core/prometheus/1.1.67/charts/common-8.16.0.tgz b/core/prometheus/1.1.68/charts/common-8.16.0.tgz similarity index 100% rename from core/prometheus/1.1.67/charts/common-8.16.0.tgz rename to core/prometheus/1.1.68/charts/common-8.16.0.tgz diff --git a/core/prometheus/1.1.67/charts/kube-state-metrics-2.2.8.tgz b/core/prometheus/1.1.68/charts/kube-state-metrics-2.2.8.tgz similarity index 100% rename from core/prometheus/1.1.67/charts/kube-state-metrics-2.2.8.tgz rename to core/prometheus/1.1.68/charts/kube-state-metrics-2.2.8.tgz diff --git a/core/prometheus/1.1.67/charts/node-exporter-2.4.3.tgz b/core/prometheus/1.1.68/charts/node-exporter-2.4.3.tgz similarity index 100% rename from core/prometheus/1.1.67/charts/node-exporter-2.4.3.tgz rename to core/prometheus/1.1.68/charts/node-exporter-2.4.3.tgz diff --git a/core/prometheus/1.1.67/crds/crd-alertmanager-config.yaml b/core/prometheus/1.1.68/crds/crd-alertmanager-config.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-alertmanager-config.yaml rename to core/prometheus/1.1.68/crds/crd-alertmanager-config.yaml diff --git a/core/prometheus/1.1.67/crds/crd-alertmanager.yaml b/core/prometheus/1.1.68/crds/crd-alertmanager.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-alertmanager.yaml rename to core/prometheus/1.1.68/crds/crd-alertmanager.yaml diff --git a/core/prometheus/1.1.67/crds/crd-podmonitor.yaml b/core/prometheus/1.1.68/crds/crd-podmonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-podmonitor.yaml rename to core/prometheus/1.1.68/crds/crd-podmonitor.yaml diff --git a/core/prometheus/1.1.67/crds/crd-probes.yaml b/core/prometheus/1.1.68/crds/crd-probes.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-probes.yaml rename to core/prometheus/1.1.68/crds/crd-probes.yaml diff --git a/core/prometheus/1.1.67/crds/crd-prometheus.yaml b/core/prometheus/1.1.68/crds/crd-prometheus.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-prometheus.yaml rename to core/prometheus/1.1.68/crds/crd-prometheus.yaml diff --git a/core/prometheus/1.1.67/crds/crd-prometheusrules.yaml b/core/prometheus/1.1.68/crds/crd-prometheusrules.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-prometheusrules.yaml rename to core/prometheus/1.1.68/crds/crd-prometheusrules.yaml diff --git a/core/prometheus/1.1.67/crds/crd-servicemonitor.yaml b/core/prometheus/1.1.68/crds/crd-servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-servicemonitor.yaml rename to core/prometheus/1.1.68/crds/crd-servicemonitor.yaml diff --git a/core/prometheus/1.1.67/crds/crd-thanosrulers.yaml b/core/prometheus/1.1.68/crds/crd-thanosrulers.yaml similarity index 100% rename from core/prometheus/1.1.67/crds/crd-thanosrulers.yaml rename to core/prometheus/1.1.68/crds/crd-thanosrulers.yaml diff --git a/core/prometheus/1.1.67/helm-values.md b/core/prometheus/1.1.68/helm-values.md similarity index 99% rename from core/prometheus/1.1.67/helm-values.md rename to core/prometheus/1.1.68/helm-values.md index 8c699b6d050..62d19cd2ab4 100644 --- a/core/prometheus/1.1.67/helm-values.md +++ b/core/prometheus/1.1.68/helm-values.md @@ -151,6 +151,7 @@ You will, however, be able to use all values referenced in the common chart here | kubelet.serviceMonitor.relabelings | list | `[]` | | | node-exporter.extraArgs."collector.filesystem.ignored-fs-types" | string | `"^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$"` | | | node-exporter.extraArgs."collector.filesystem.ignored-mount-points" | string | `"^/(dev|proc|sys|var/lib/docker/.+)($|/)"` | | +| node-exporter.hostNetwork | bool | `false` | | | node-exporter.service.labels.jobLabel | string | `"node-exporter"` | | | node-exporter.serviceMonitor.enabled | bool | `true` | | | node-exporter.serviceMonitor.jobLabel | string | `"jobLabel"` | | diff --git a/core/prometheus/1.1.67/ix_values.yaml b/core/prometheus/1.1.68/ix_values.yaml similarity index 99% rename from core/prometheus/1.1.67/ix_values.yaml rename to core/prometheus/1.1.68/ix_values.yaml index dafea407e5f..6c3a108611d 100644 --- a/core/prometheus/1.1.67/ix_values.yaml +++ b/core/prometheus/1.1.68/ix_values.yaml @@ -1147,6 +1147,7 @@ exporters: ## @param node-exporter [object] Node Exporter deployment configuration ## node-exporter: + hostNetwork: false service: labels: jobLabel: node-exporter diff --git a/core/prometheus/1.1.67/questions.yaml b/core/prometheus/1.1.68/questions.yaml similarity index 99% rename from core/prometheus/1.1.67/questions.yaml rename to core/prometheus/1.1.68/questions.yaml index da828b593c7..e18c829bbf5 100644 --- a/core/prometheus/1.1.67/questions.yaml +++ b/core/prometheus/1.1.68/questions.yaml @@ -26,7 +26,7 @@ groups: - name: "Advanced" description: "Advanced Configuration" portals: - web_portal: + open: protocols: - "$kubernetes-resource_configmap_portal_protocol" host: diff --git a/core/prometheus/1.1.67/security.md b/core/prometheus/1.1.68/security.md similarity index 98% rename from core/prometheus/1.1.67/security.md rename to core/prometheus/1.1.68/security.md index 9f339f5232f..883498dba91 100644 --- a/core/prometheus/1.1.67/security.md +++ b/core/prometheus/1.1.68/security.md @@ -52,7 +52,6 @@ hide: |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.

Container 'node-exporter' of DaemonSet 'RELEASE-NAME-node-exporter' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.

Container 'node-exporter' of DaemonSet 'RELEASE-NAME-node-exporter' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| -| Kubernetes Security Check | KSV009 | Access to host network | HIGH |
Expand... Sharing the host’s network namespace permits processes in the pod to communicate with processes bound to the host’s loopback adapter.

DaemonSet 'RELEASE-NAME-node-exporter' should not set 'spec.template.spec.hostNetwork' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv009
| | Kubernetes Security Check | KSV010 | Access to host PID | HIGH |
Expand... Sharing the host’s PID namespace allows visibility on host processes, potentially leaking information such as environment variables and configuration.

DaemonSet 'RELEASE-NAME-node-exporter' should not set 'spec.template.spec.hostPID' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv010
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.

Container 'node-exporter' of DaemonSet 'RELEASE-NAME-node-exporter' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.

Container 'node-exporter' of DaemonSet 'RELEASE-NAME-node-exporter' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| @@ -370,6 +369,8 @@ hide: | libpcre3 | CVE-2017-7245 | LOW | 2:8.39-12 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2017-7246 | LOW | 2:8.39-12 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| +| libsasl2-2 | CVE-2022-24407 | CRITICAL | 2.1.27+dfsg-1+deb10u1 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-0666.html
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
| +| libsasl2-modules-db | CVE-2022-24407 | CRITICAL | 2.1.27+dfsg-1+deb10u1 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-0666.html
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
| | libseccomp2 | CVE-2019-9893 | LOW | 2.3.3-4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html
http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html
https://access.redhat.com/errata/RHSA-2019:3624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893
https://github.com/seccomp/libseccomp/issues/139
https://linux.oracle.com/cve/CVE-2019-9893.html
https://linux.oracle.com/errata/ELSA-2019-3624.html
https://seclists.org/oss-sec/2019/q1/179
https://security.gentoo.org/glsa/201904-18
https://ubuntu.com/security/notices/USN-4001-1
https://ubuntu.com/security/notices/USN-4001-2
https://usn.ubuntu.com/4001-1/
https://usn.ubuntu.com/4001-2/
https://www.openwall.com/lists/oss-security/2019/03/15/1
| | libsepol1 | CVE-2021-36084 | LOW | 2.8-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 2.8-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| @@ -560,6 +561,8 @@ hide: | libpcre3 | CVE-2017-7245 | LOW | 2:8.39-12 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2017-7246 | LOW | 2:8.39-12 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| +| libsasl2-2 | CVE-2022-24407 | CRITICAL | 2.1.27+dfsg-1+deb10u1 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-0666.html
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
| +| libsasl2-modules-db | CVE-2022-24407 | CRITICAL | 2.1.27+dfsg-1+deb10u1 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-0666.html
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
| | libseccomp2 | CVE-2019-9893 | LOW | 2.3.3-4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html
http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html
https://access.redhat.com/errata/RHSA-2019:3624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893
https://github.com/seccomp/libseccomp/issues/139
https://linux.oracle.com/cve/CVE-2019-9893.html
https://linux.oracle.com/errata/ELSA-2019-3624.html
https://seclists.org/oss-sec/2019/q1/179
https://security.gentoo.org/glsa/201904-18
https://ubuntu.com/security/notices/USN-4001-1
https://ubuntu.com/security/notices/USN-4001-2
https://usn.ubuntu.com/4001-1/
https://usn.ubuntu.com/4001-2/
https://www.openwall.com/lists/oss-security/2019/03/15/1
| | libsepol1 | CVE-2021-36084 | LOW | 2.8-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 2.8-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| @@ -743,6 +746,8 @@ hide: | libpcre3 | CVE-2017-7245 | LOW | 2:8.39-12 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2017-7246 | LOW | 2:8.39-12 | |
Expand...http://www.securityfocus.com/bid/97067
https://access.redhat.com/errata/RHSA-2018:2486
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
https://security.gentoo.org/glsa/201710-25
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| +| libsasl2-2 | CVE-2022-24407 | CRITICAL | 2.1.27+dfsg-1+deb10u1 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-0666.html
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
| +| libsasl2-modules-db | CVE-2022-24407 | CRITICAL | 2.1.27+dfsg-1+deb10u1 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/23/4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst
https://linux.oracle.com/cve/CVE-2022-24407.html
https://linux.oracle.com/errata/ELSA-2022-0666.html
https://ubuntu.com/security/notices/USN-5301-1
https://ubuntu.com/security/notices/USN-5301-2
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28
| | libseccomp2 | CVE-2019-9893 | LOW | 2.3.3-4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html
http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html
https://access.redhat.com/errata/RHSA-2019:3624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893
https://github.com/seccomp/libseccomp/issues/139
https://linux.oracle.com/cve/CVE-2019-9893.html
https://linux.oracle.com/errata/ELSA-2019-3624.html
https://seclists.org/oss-sec/2019/q1/179
https://security.gentoo.org/glsa/201904-18
https://ubuntu.com/security/notices/USN-4001-1
https://ubuntu.com/security/notices/USN-4001-2
https://usn.ubuntu.com/4001-1/
https://usn.ubuntu.com/4001-2/
https://www.openwall.com/lists/oss-security/2019/03/15/1
| | libsepol1 | CVE-2021-36084 | LOW | 2.8-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 2.8-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| diff --git a/core/prometheus/1.1.67/templates/_helpers.tpl b/core/prometheus/1.1.68/templates/_helpers.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/_helpers.tpl rename to core/prometheus/1.1.68/templates/_helpers.tpl diff --git a/core/prometheus/1.1.67/templates/alertmanager/_alertmanager.tpl b/core/prometheus/1.1.68/templates/alertmanager/_alertmanager.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/alertmanager/_alertmanager.tpl rename to core/prometheus/1.1.68/templates/alertmanager/_alertmanager.tpl diff --git a/core/prometheus/1.1.67/templates/alertmanager/secrets.yaml b/core/prometheus/1.1.68/templates/alertmanager/secrets.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/alertmanager/secrets.yaml rename to core/prometheus/1.1.68/templates/alertmanager/secrets.yaml diff --git a/core/prometheus/1.1.67/templates/alertmanager/serviceaccount.yaml b/core/prometheus/1.1.68/templates/alertmanager/serviceaccount.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/alertmanager/serviceaccount.yaml rename to core/prometheus/1.1.68/templates/alertmanager/serviceaccount.yaml diff --git a/core/prometheus/1.1.67/templates/alertmanager/servicemonitor.yaml b/core/prometheus/1.1.68/templates/alertmanager/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/alertmanager/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/alertmanager/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/common.yaml b/core/prometheus/1.1.68/templates/common.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/common.yaml rename to core/prometheus/1.1.68/templates/common.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/core-dns/service.yaml b/core/prometheus/1.1.68/templates/exporters/core-dns/service.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/core-dns/service.yaml rename to core/prometheus/1.1.68/templates/exporters/core-dns/service.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/core-dns/servicemonitor.yaml b/core/prometheus/1.1.68/templates/exporters/core-dns/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/core-dns/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/exporters/core-dns/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-apiserver/servicemonitor.yaml b/core/prometheus/1.1.68/templates/exporters/kube-apiserver/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-apiserver/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-apiserver/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-controller-manager/endpoints.yaml b/core/prometheus/1.1.68/templates/exporters/kube-controller-manager/endpoints.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-controller-manager/endpoints.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-controller-manager/endpoints.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-controller-manager/service.yaml b/core/prometheus/1.1.68/templates/exporters/kube-controller-manager/service.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-controller-manager/service.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-controller-manager/service.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-controller-manager/servicemonitor.yaml b/core/prometheus/1.1.68/templates/exporters/kube-controller-manager/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-controller-manager/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-controller-manager/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-scheduler/endpoints.yaml b/core/prometheus/1.1.68/templates/exporters/kube-scheduler/endpoints.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-scheduler/endpoints.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-scheduler/endpoints.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-scheduler/service.yaml b/core/prometheus/1.1.68/templates/exporters/kube-scheduler/service.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-scheduler/service.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-scheduler/service.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kube-scheduler/servicemonitor.yaml b/core/prometheus/1.1.68/templates/exporters/kube-scheduler/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kube-scheduler/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/exporters/kube-scheduler/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/exporters/kubelet/servicemonitor.yaml b/core/prometheus/1.1.68/templates/exporters/kubelet/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/exporters/kubelet/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/exporters/kubelet/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/operator/_args.tpl b/core/prometheus/1.1.68/templates/operator/_args.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/operator/_args.tpl rename to core/prometheus/1.1.68/templates/operator/_args.tpl diff --git a/core/prometheus/1.1.67/templates/operator/configmap.yaml b/core/prometheus/1.1.68/templates/operator/configmap.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/operator/configmap.yaml rename to core/prometheus/1.1.68/templates/operator/configmap.yaml diff --git a/core/prometheus/1.1.67/templates/operator/servicemonitor.yaml b/core/prometheus/1.1.68/templates/operator/servicemonitor.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/operator/servicemonitor.yaml rename to core/prometheus/1.1.68/templates/operator/servicemonitor.yaml diff --git a/core/prometheus/1.1.67/templates/prometheus/_additionalPrometheusRules.tpl b/core/prometheus/1.1.68/templates/prometheus/_additionalPrometheusRules.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/_additionalPrometheusRules.tpl rename to core/prometheus/1.1.68/templates/prometheus/_additionalPrometheusRules.tpl diff --git a/core/prometheus/1.1.67/templates/prometheus/_additionalScrapeJobs.tpl b/core/prometheus/1.1.68/templates/prometheus/_additionalScrapeJobs.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/_additionalScrapeJobs.tpl rename to core/prometheus/1.1.68/templates/prometheus/_additionalScrapeJobs.tpl diff --git a/core/prometheus/1.1.67/templates/prometheus/_prometheus.tpl b/core/prometheus/1.1.68/templates/prometheus/_prometheus.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/_prometheus.tpl rename to core/prometheus/1.1.68/templates/prometheus/_prometheus.tpl diff --git a/core/prometheus/1.1.67/templates/prometheus/_servicemonitor.tpl b/core/prometheus/1.1.68/templates/prometheus/_servicemonitor.tpl similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/_servicemonitor.tpl rename to core/prometheus/1.1.68/templates/prometheus/_servicemonitor.tpl diff --git a/core/prometheus/1.1.67/templates/prometheus/clusterrole.yaml b/core/prometheus/1.1.68/templates/prometheus/clusterrole.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/clusterrole.yaml rename to core/prometheus/1.1.68/templates/prometheus/clusterrole.yaml diff --git a/core/prometheus/1.1.67/templates/prometheus/clusterrolebinding.yaml b/core/prometheus/1.1.68/templates/prometheus/clusterrolebinding.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/clusterrolebinding.yaml rename to core/prometheus/1.1.68/templates/prometheus/clusterrolebinding.yaml diff --git a/core/prometheus/1.1.67/templates/prometheus/serviceaccount.yaml b/core/prometheus/1.1.68/templates/prometheus/serviceaccount.yaml similarity index 100% rename from core/prometheus/1.1.67/templates/prometheus/serviceaccount.yaml rename to core/prometheus/1.1.68/templates/prometheus/serviceaccount.yaml diff --git a/core/prometheus/1.1.67/values.yaml b/core/prometheus/1.1.68/values.yaml similarity index 100% rename from core/prometheus/1.1.67/values.yaml rename to core/prometheus/1.1.68/values.yaml