RepoMirrors
/
alertmanager
mirror of https://github.com/prometheus/alertmanager
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add a `[SECURITY]` to the changelog and update CVE-2023-40577 

Some users have been vocal about the security fix not visible enough in the changelog, it seems like prometheus uses [SECURITY] to disclose these and I think it's a good practice.

A copy of #3487 but for the release branch of 0.25

Signed-off-by: gotjosh <josue.abreu@gmail.com>
This commit is contained in:
gotjosh 2023-08-25 11:23:06 +01:00
parent c0a6992c21
commit a4e8574be7
No known key found for this signature in database
GPG Key ID: A6E1DDE38FF3C74E
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -1,6 +1,6 @@
## 0.25.1 / 2023-08-23 ## 0.25.1 / 2023-08-23
* [BUGFIX] Fix stored XSS via the /api/v1/alerts endpoint in the Alertmanager UI. * [SECURITY] Fix stored XSS via the /api/v1/alerts endpoint in the Alertmanager UI. CVE-2023-40577
## 0.25.0 / 2022-12-22 ## 0.25.0 / 2022-12-22