Description:
This update for Golang Prometheus fixes the following issues:
golang-github-prometheus-alertmanager:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.
golang-github-prometheus-node_exporter:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.