{"affected":[{"ecosystem_specific":{"binaries":[{"grafana":"7.1.5-bp151.2.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"grafana","purl":"pkg:rpm/suse/grafana&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.1.5-bp151.2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for grafana fixes the following issues:\n\ngrafana was updated to version 7.1.5:\n\n  * Features / Enhancements\n\n    - Stats: Stop counting the same user multiple times.\n    - Field overrides: Filter by field name using regex.\n    - AzureMonitor: map more units.\n    - Explore: Don't run queries on datasource change.\n    - Graph: Support setting field unit & override data source (automatic) unit.\n    - Explore: Unification of logs/metrics/traces user interface\n    - Table: JSON Cell should try to convert strings to JSON\n    - Variables: enables cancel for slow query variables queries. \n    - TimeZone: unify the time zone pickers to one that can rule them all.\n    - Search: support URL query params.\n    - Grafana-UI: Add FileUpload.\n    - TablePanel: Sort numbers correctly.\n\n  * Bug fixes\n\n    - Alerting: remove LongToWide call in alerting.\n    - AzureMonitor: fix panic introduced in 7.1.4 when unit was unspecified and alias was used. \n    - Variables: Fixes issue with All variable not being resolved.\n    - Templating: Fixes so texts show in picker not the values.\n    - Templating: Templating: Fix undefined result when using raw interpolation format\n    - TextPanel: Fix content overflowing panel boundaries. \n    - StatPanel: Fix stat panel display name not showing when explicitly set.\n    - Query history: Fix search filtering if null value.\n    - Flux: Ensure connections to InfluxDB are closed.\n    - Dashboard: Fix for viewer can enter panel edit mode by modifying url (but cannot not save anything).\n    - Prometheus: Fix prom links in mixed mode.\n    - Sign In Use correct url for the Sign In button.\n    - StatPanel: Fixes issue with name showing for single series / field results\n    - BarGauge: Fix space bug in single series mode.\n    - Auth: Fix POST request failures with anonymous access\n    - Templating: Fix recursive loop of template variable queries when changing ad-hoc-variable\n    - Templating: Fixed recursive queries triggered when switching dashboard settings view\n    - GraphPanel: Fix annotations overflowing panels.\n    - Prometheus: Fix performance issue in processing of histogram labels.\n    - Datasources: Handle URL parsing error.\n    - Security: Use Header.Set and Header.Del for X-Grafana-User header.\n\n","id":"openSUSE-SU-2020:1611-1","modified":"2020-10-04T12:21:08Z","published":"2020-10-04T12:21:08Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OKBMAHAY4QQ74KBHCRT4WZCTDLSNZWWW/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1044444"},{"type":"REPORT","url":"https://bugzilla.suse.com/1044933"},{"type":"REPORT","url":"https://bugzilla.suse.com/1115960"},{"type":"REPORT","url":"https://bugzilla.suse.com/1170557"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19039"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15043"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12245"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-13379"}],"related":["CVE-2018-19039","CVE-2019-15043","CVE-2020-12245","CVE-2020-13379"],"summary":"Security update for grafana","upstream":["CVE-2018-19039","CVE-2019-15043","CVE-2020-12245","CVE-2020-13379"]}