Security update for node_exporter (important)

An update that solves one vulnerability, contains two
features and has one errata is now available.

Description:

This security update for golang-github-prometheus-node_exporter provides:

Update golang-github-prometheus-node_exporter from version 1.1.2 to
version 1.3.0 (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)

• CVE-2022-21698: Denial of service using InstrumentHandlerCounter
• Update vendor tarball with prometheus/client_golang 1.11.1
• Update to 1.3.0
  • [CHANGE] Add path label to rapl collector #2146
  • [CHANGE] Exclude filesystems under /run/credentials #2157
  • [CHANGE] Add TCPTimeouts to netstat default filter #2189
  • [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
  • [FEATURE] Add darwin powersupply collector #1777
  • [FEATURE] Add support for monitoring GPUs on Linux #1998
  • [FEATURE] Add Darwin thermal collector #2032
  • [FEATURE] Add os release collector #2094
  • [FEATURE] Add netdev.address-info collector #2105
  • [FEATURE] Add clocksource metrics to time collector #2197
  • [ENHANCEMENT] Support glob textfile collector directories #1985
  • [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
  • [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
  • [ENHANCEMENT] Add flag to disable guest CPU metrics #2123
  • [ENHANCEMENT] Add DMI collector #2131
  • [ENHANCEMENT] Add threads metrics to processes collector #2164
  • [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector
    #2169
  • [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
  • [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
  • [BUGFIX] ethtool: Sanitize metric names #2093
  • [BUGFIX] Fix ethtool collector for multiple interfaces #2126
  • [BUGFIX] Fix possible panic on macOS #2133
  • [BUGFIX] Collect flag_info and bug_info only for one core #2156
  • [BUGFIX] Prevent duplicate ethtool metric names #2187
• Update to 1.2.2
  • Bug fixes Fix processes collector long int parsing #2112
• Update to 1.2.1
  • Removed Remove obsolete capture permission denied error fix already
    included upstream
  • Bug fixes Fix zoneinfo parsing prometheus/procfs#386 Fix nvme
    collector log noise #2091 Fix rapl collector log noise #2092
• Update to 1.2.0
  • Changes Rename filesystem collector flags to match other collectors
    #2012 Make node_exporter print usage to STDOUT #203
  • Features Add conntrack statistics metrics #1155 Add ethtool stats
    collector #1832 Add flag to ignore network speed if it is unknown
    #1989 Add tapestats collector for Linux #2044 Add nvme collector #2062
  • Enhancements Add ErrorLog plumbing to promhttp #1887 Add more
    Infiniband counters #2019 netclass: retrieve interface names and
    filter before parsing #2033 Add time zone offset metric #2060
  • Bug fixes Handle errors from disabled PSI subsystem #1983 Fix panic
    when using backwards compatible flags #2000 Fix wrong value for
    OpenBSD memory buffer cache #2015 Only initiate collectors once #2048
    Handle small backwards jumps in CPU idle #2067
• Capture permission denied error for “energy_uj” file (bsc#1190535)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4:

  zypper in -t patch openSUSE-SLE-15.4-2022-2140=1

• openSUSE Leap 15.3:

  zypper in -t patch openSUSE-SLE-15.3-2022-2140=1

• SUSE Manager Server 4.1:

  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2140=1

• SUSE Manager Retail Branch Server 4.1:

  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2140=1

• SUSE Manager Proxy 4.1:

  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2140=1

• SUSE Linux Enterprise Server for SAP 15-SP2:

  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2140=1

• SUSE Linux Enterprise Server for SAP 15-SP1:

  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2140=1

• SUSE Linux Enterprise Server 15-SP2-LTSS:

  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2140=1

• SUSE Linux Enterprise Server 15-SP2-BCL:

  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2140=1

• SUSE Linux Enterprise Server 15-SP1-LTSS:

  zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2140=1

• SUSE Linux Enterprise Server 15-SP1-BCL:

  zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2140=1

• SUSE Linux Enterprise Module for Basesystem 15-SP4:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2140=1

• SUSE Linux Enterprise Module for Basesystem 15-SP3:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2140=1

• SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:

  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2140=1

• SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:

  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2140=1

• SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:

  zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2140=1

• SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:

  zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2140=1

• SUSE Enterprise Storage 7:

  zypper in -t patch SUSE-Storage-7-2022-2140=1

• SUSE Enterprise Storage 6:

  zypper in -t patch SUSE-Storage-6-2022-2140=1

• SUSE CaaS Platform 4.0:

  To install this update, use the SUSE CaaS Platform ‘skuba’ tool. It
  will inform you if it detects new updates and let you then trigger
  updating of the complete cluster in a controlled way.