Bug 269153 - net-mgmt/prometheus2: Update to 2.41.0
Summary: net-mgmt/prometheus2: Update to 2.41.0
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Fernando Apesteguía
URL: https://github.com/prometheus/prometh...
Keywords: patch-ready, security
Depends on:
Blocks:
 
Reported: 2023-01-25 19:19 UTC by David O'Rourke
Modified: 2023-01-30 10:31 UTC (History)
1 user (show)

See Also:


Attachments
net-mgmt/prometheus2: Update to 2.41.0 (2.30 KB, patch)
2023-01-25 19:19 UTC, David O'Rourke
dor.bsd: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description David O'Rourke 2023-01-25 19:19:49 UTC
Created attachment 239702 [details]
net-mgmt/prometheus2: Update to 2.41.0

This patch updates net-mgmt/prometheus2 to v2.41.0.

The changes from v2.39.1 until this version include multiple bugfixes and security fixes. A full changelog is available at: https://github.com/prometheus/prometheus/blob/main/CHANGELOG.md

Apologies for the time between updates. My build machine was unwell for a while and I was unable to test newer ports builds.

-David
Comment 1 Fernando Apesteguía freebsd_committer freebsd_triage 2023-01-29 18:50:16 UTC
^Triage: Security release, merge to quarterly branch.

Thanks!


Note to self: VuXML entry for CVE-2022-46146
Comment 2 commit-hook freebsd_committer freebsd_triage 2023-01-30 10:25:03 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=04ccf344372409a68d9293e5b02d3d5804b8591d

commit 04ccf344372409a68d9293e5b02d3d5804b8591d
Author:     David O'Rourke <dor.bsd@xm0.uk>
AuthorDate: 2023-01-29 18:43:29 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-30 10:20:13 +0000

    net-mgmt/prometheus2: update to 2.41.0

    ChangeLog: https://github.com/prometheus/prometheus/blob/main/CHANGELOG.md

    PR:             269153
    Reported by:    dor.bsd@xm0.uk (maintainer)
    MFH:            2023Q1 (security fixes)
    Security:       CVE-2022-46146

 net-mgmt/prometheus2/Makefile |  3 +--
 net-mgmt/prometheus2/distinfo | 14 +++++++-------
 2 files changed, 8 insertions(+), 9 deletions(-)
Comment 3 commit-hook freebsd_committer freebsd_triage 2023-01-30 10:29:05 UTC
A commit in branch 2023Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d93d536bebdd86f952c38a2d68023215fdb43e8a

commit d93d536bebdd86f952c38a2d68023215fdb43e8a
Author:     David O'Rourke <dor.bsd@xm0.uk>
AuthorDate: 2023-01-29 18:43:29 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-30 10:23:01 +0000

    net-mgmt/prometheus2: update to 2.41.0

    ChangeLog: https://github.com/prometheus/prometheus/blob/main/CHANGELOG.md

    PR:             269153
    Reported by:    dor.bsd@xm0.uk (maintainer)
    MFH:            2023Q1 (security fixes)
    Security:       CVE-2022-46146

    (cherry picked from commit 04ccf344372409a68d9293e5b02d3d5804b8591d)

 net-mgmt/prometheus2/Makefile |  3 +--
 net-mgmt/prometheus2/distinfo | 14 +++++++-------
 2 files changed, 8 insertions(+), 9 deletions(-)
Comment 4 Fernando Apesteguía freebsd_committer freebsd_triage 2023-01-30 10:31:03 UTC
Committed and merged to 2023Q1,

Thanks!
Comment 5 commit-hook freebsd_committer freebsd_triage 2023-01-30 10:31:06 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e4bc259a13130d5c9440ee6913b69baab43f48ff

commit e4bc259a13130d5c9440ee6913b69baab43f48ff
Author:     Fernando Apesteguía <fernape@FreeBSD.org>
AuthorDate: 2023-01-30 10:16:35 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-30 10:26:13 +0000

    security/vuxml: add net-mgmt/prometheus basic authentication bypass

    CVE-2022-46146

    PR:     269153
    Reported by:    dor.bsd@xm0.uk (maintainer)

 security/vuxml/vuln/2023.xml | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)