{"affected":[{"ecosystem_specific":{"binaries":[{"golang-github-prometheus-prometheus":"2.53.3-150100.4.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP6","name":"golang-github-prometheus-prometheus","purl":"pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.53.3-150100.4.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang-github-prometheus-prometheus":"2.53.3-150100.4.23.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy Module 4.3","name":"golang-github-prometheus-prometheus","purl":"pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Proxy%20Module%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.53.3-150100.4.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"firewalld-prometheus-config":"0.1-150100.4.23.1","golang-github-prometheus-prometheus":"2.53.3-150100.4.23.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"golang-github-prometheus-prometheus","purl":"pkg:rpm/opensuse/golang-github-prometheus-prometheus&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.53.3-150100.4.23.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\n\ngolang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649):\n\n- Security issues fixed:\n  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error\n    handling (bsc#1232970)\n\n- Highlights of other changes:\n  * Performance: \n    + Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and \n      remote write operations.\n    + Default GOGC value lowered to 75 for better memory management. \n    + Option to limit memory usage from dropped targets added.\n  * New Features:\n    + Experimental OpenTelemetry ingestion.\n    + Automatic memory limit handling.\n    + Native histogram support, including new functions, UI enhancements, and improved scraping.\n    + Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.\n    + Expanded service discovery options with added metadata and support for new services.\n    + New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.\n  * Bug Fixes: \n    + Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.\n  * For a detailed list of changes consult the package changelog or \n    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3\n","id":"SUSE-SU-2025:0546-1","modified":"2025-02-14T07:24:38Z","published":"2025-02-14T07:24:38Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250546-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232970"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-51744"}],"related":["CVE-2024-51744"],"summary":"Security update golang-github-prometheus-prometheus","upstream":["CVE-2024-51744"]}