Stay Informed
This week, read about:
- Alpine Linux 3.21: Lean, Mean, and LoongArch-Ready.
- Cheat Codes for LLM Performance: An Introduction to SpeculativeDecoding
- 2025 Trend of Short Life Certificates.
- AWS-LC FIPS 3.0: First Cryptographic Library To Include ML-KEM in FIPS140–3 Validation.
- OpenLogic's Long-Term Support for End-of-Life Software.
- OpenLogic OpenJDK 2024 Release Downloads for Versions 8, 11, 17, 21 and 22 Are Now Available.
Security Based Updates
- No News
Non-Security Based Updates
Prometheus v3.1.0
What's Changed:
- [SECURITY] upgrade golang.org/x/crypto to address reported CVE-2024-45337. #15691
- [CHANGE] Notifier: Increment prometheus_notifications_errors_total by the number of affected alerts rather than per batch. #15428
- [CHANGE] API: list rules field "groupNextToken:omitempty" renamed to "groupNextToken". #15400
- [ENHANCEMENT] OTLP translate: keep identifying attributes in target_info. #15448
- [ENHANCEMENT] Paginate rule groups, add infinite scroll to rules within groups. #15677
- [ENHANCEMENT] TSDB: Improve calculation of space used by labels. #13880
- [ENHANCEMENT] Rules: new metric rule_group_last_rule_duration_sum_seconds. #15672
- [ENHANCEMENT] Observability: Export 'go_sync_mutex_wait_total_seconds_total' metric. #15339
- [ENHANCEMEN] Remote-Write: optionally use a DNS resolver that picks a random IP. #15329
- [PERF] Optimize `l=~".+"` matcher. #15474, #15684
- [PERF] TSDB: Cache all symbols for compaction . #15455
- [PERF] TSDB: MemPostings: keep a map of label values slices. #15426
- [PERF] Remote-Write: Remove interning hook. #15456
- [PERF] Scrape: optimize string manipulation for experimental native histograms with custom buckets. #15453
- [PERF] TSDB: reduce memory allocations. #15465, #15427
- [PERF] Storage: Implement limit in mergeGenericQuerier. #14489
- [PERF] TSDB: Optimize inverse matching. #14144
- [PERF] Regex: use stack memory for lowercase copy of string. #15210
- [PERF] TSDB: When deleting from postings index, pause to unlock and let readers read. #15242
- [BUGFIX] Main: Avoid possible segfault at exit. (#15724)
- [BUGFIX] Rules: Do not run rules concurrently if uncertain about dependencies. #15560
- [BUGFIX] PromQL: Adds test for `absent`, `absent_over_time` and `deriv` func with histograms. #15667
- [BUGFIX] PromQL: Fix various bugs related to quoting UTF-8 characters. #15531
- [BUGFIX] Scrape: fix nil panic after scrape loop reload. #15563
- [BUGFIX] Remote-write: fix panic on repeated log message. #15562
- [BUGFIX] Scrape: reload would ignore always_scrape_classic_histograms and convert_classic_histograms_to_nhcb configs. #15489
- [BUGFIX] TSDB: fix data corruption in experimental native histograms. #15482
- [BUGFIX] PromQL: Ignore histograms in all time related functions. #15479
- [BUGFIX] OTLP receiver: Convert metric metadata. #15416
- [BUGFIX] PromQL: Fix `resets` function for histograms. #15527
- [BUGFIX] PromQL: Fix behaviour of `changes()` for mix of histograms and floats. #15469
- [BUGFIX] PromQL: Fix behaviour of some aggregations with histograms. #15432
- [BUGFIX] allow quoted exemplar keys in openmetrics text format. #15260
- [BUGFIX] TSDB: fixes for rare conditions when loading write-behind-log (WBL). #15380
- [BUGFIX] `round()` function did not remove `__name__` label. #15250
- BUGFIX] Promtool: analyze block shows metric name with 0 cardinality. #15438
- [BUGFIX] PromQL: Fix `count_values` for histograms. #15422
- [BUGFIX] PromQL: fix issues with comparison binary operations with `bool` modifier and native histograms. #15413
- [BUGFIX] PromQL: fix incorrect "native histogram ignored in aggregation" annotations. #15414
- [BUGFIX] PromQL: Corrects the behaviour of some operator and aggregators with Native Histograms. #15245
- [BUGFIX] TSDB: Always return unknown hint for first sample in non-gauge histogram chunk. #15343
- [BUGFIX] PromQL: Clamp functions: Ignore any points with native histograms. #15169
- [BUGFIX] TSDB: Fix race on stale values in headAppender. #15322
- [BUGFIX] UI: Fix selector / series formatting for empty metric names. #15340
- [BUGFIX] OTLP receiver: Allow colons in non-standard units. #15710
Redis 7.2.7
Upgrade urgency SECURITY: See security fixes below.
Security fixes:
- (CVE-2024-46981) Lua script commands may lead to remote code execution
- (CVE-2024-51741) Denial-of-service due to malformed ACL selectors
Bug fixes:
- #13380 Possible crash due to OOM panic on invalid command
- #13338 Streams: `XINFO` lag field is wrong when tombstone is after the `last_id` of the consume group
- #13473 Streams: `XTRIM` does not update the maximal tombstone, leading to an incorrect lag
- #13311 Cluster: crash due to unblocking client during slot migration
- #13443 Cluster: crash when loading cluster config
- #13422 Cluster: `CLUSTER SHARDS` returns empty array
- #13465 Cluster: incompatibility with older node versions
Redis 7.4.2
Upgrade urgency SECURITY: See security fixes below.
Security fixes:
- (CVE-2024-46981) Lua script commands may lead to remote code execution
- (CVE-2024-51741) Denial-of-service due to malformed ACL selectors
Bug fixes:
- #13627 Crash on module memory defragmentation
- #13338 Streams: `XINFO` lag field is wrong when tombstone is after the `last_id` of the consume group
- #13473 Streams: `XTRIM` does not update the maximal tombstone, leading to an incorrect lag
- #13470 `INFO` after `HDEL` show wrong number of hash keys with expiration
- #13476 Fix a race condition in the `cache_memory` of `functionsLibCtx`
- #13626 Memory leak on failed RDB loading
- #13539 Hash: fix key ref for a hash that no longer has fields with expiration on `RENAME`/`MOVE`/`SWAPDB`/`RESTORE`
- #13443 Cluster: crash when loading cluster config
- #13422 Cluster: `CLUSTER SHARDS` returns empty array
- #13465 Cluster: incompatibility with older node versions
- #13608 Cluster: `SORT ... GET #`: incorrect error message
Redis 6.2.17
Upgrade urgency SECURITY: See security fixes below.
Security fixes:
- (CVE-2024-46981) Lua script commands may lead to remote code execution