From 3b684810d29fa0ff3918bad7f26d1c0b1ea58363 Mon Sep 17 00:00:00 2001 From: beorn7 Date: Tue, 29 Nov 2022 15:34:11 +0100 Subject: [PATCH] Cut v1.5.1 To address CVE-2022-46146. Signed-off-by: beorn7 --- CHANGELOG.md | 4 ++++ VERSION | 2 +- go.mod | 2 +- go.sum | 4 ++-- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 76c8237e..664ab2fc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.5.1 / 2022-11-29 + +* [SECURITY] Fix basic authentication bypass vulnerability (CVE-2022-46146). #516 + ## 1.5.0 / 2022-11-24 * [FEATURE] Add multiple listeners and systemd socket support. #512 diff --git a/VERSION b/VERSION index bc80560f..26ca5946 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.5.0 +1.5.1 diff --git a/go.mod b/go.mod index fad7eab2..677e6163 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/prometheus/client_golang v1.14.0 github.com/prometheus/client_model v0.3.0 github.com/prometheus/common v0.37.0 - github.com/prometheus/exporter-toolkit v0.8.1 + github.com/prometheus/exporter-toolkit v0.8.2 github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546 gopkg.in/alecthomas/kingpin.v2 v2.2.6 ) diff --git a/go.sum b/go.sum index 5fc07667..52e34677 100644 --- a/go.sum +++ b/go.sum @@ -262,8 +262,8 @@ github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9 github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/exporter-toolkit v0.8.1 h1:TpKt8z55q1zF30BYaZKqh+bODY0WtByHDOhDA2M9pEs= -github.com/prometheus/exporter-toolkit v0.8.1/go.mod h1:00shzmJL7KxcsabLWcONwpyNEuWhREOnFqZW7vadFS0= +github.com/prometheus/exporter-toolkit v0.8.2 h1:sbJAfBXQFkG6sUkbwBun8MNdzW9+wd5YfPYofbmj0YM= +github.com/prometheus/exporter-toolkit v0.8.2/go.mod h1:00shzmJL7KxcsabLWcONwpyNEuWhREOnFqZW7vadFS0= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=