openSUSE-SU-2025:0003-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:0003-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2025:0003-1
Related
Published
2025-01-07T15:04:12Z
Modified
2025-01-07T15:04:12Z
Summary
Security update for etcd
Details

This update for etcd fixes the following issues:

Update to version 3.5.12:

  • Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795
  • test: fix TestHashKVWhenCompacting: ensure all goroutine finished
  • print error log when creating peer listener failed
  • mvcc: Printing etcd backend database related metrics inside scheduleCompaction function
  • dependency: update go version to 1.20.13
  • commit bbolt transaction if there is any pending deleting operations
  • add tests to test tx delete consistency.
  • Don't flock snapshot files
  • Backport adding digest for etcd base image.
  • Add a unit tests and missing flags in etcd help.
  • Add missing flag in etcd help.
  • Backport testutils.ExecuteUntil to 3.5 branch
  • member replace e2e test
  • Check if be is nil to avoid panic when be is overriden with nil by recoverSnapshotBackend on line 517
  • Don't redeclare err and snapshot variable, fixing validation of consistent index and closing database on defer
  • test: enable gofail in release e2e test.
  • [3.5] backport health check e2e tests.
  • tests: Extract e2e cluster setup to separate package

    • Update to version 3.5.11:
  • etcdserver: add linearizable_read check to readyz.

  • etcd: Update go version to 1.20.12
  • server: disable redirects in peer communication
  • etcdserver: add metric counters for livez/readyz health checks.
  • etcdserver: add livez and ready http endpoints for etcd.
  • http health check bug fixes
  • server: Split metrics and health code
  • server: Cover V3 health with tests
  • server: Refactor health checks
  • server: Run health check tests in subtests
  • server: Rename test case expect fields
  • server: Use named struct initialization in healthcheck test
  • Backport server: Don't follow redirects when checking peer urls.
  • Backport embed: Add tracing integration test.
  • Backport server: Have tracingExporter own resources it initialises.
  • Backport server: Add sampling rate to distributed tracing.
  • upgrade github.com/stretchr/testify,google.golang.org/genproto/googleapis/api,google.golang.org/grpc to make it consistent
  • CVE-2023-47108: Backport go.opentelemetry.io/otel@v1.20.0 and go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0
  • github workflow: run arm64 tests on every push
  • etcd: upgrade go version from 1.20.10 to 1.20.11
  • bump bbolt to 1.3.8 for etcd 3.5
  • 3.5: upgrade gRPC-go to 1.58.3
  • Backport corrupt check test fix 'etcd server shouldn't wait for the ready notification infinitely on startup'
  • etcdserver: add cluster id check for hashKVHandler
  • [release-3.5]: upgrade gRPC-go to v1.52.0
  • backport #14125 to release-3.5: Update to grpc-1.47 (and fix the connection-string format)
  • Return to default write scheduler since golang.org/x/net@v0.11.0 started using round robin
  • Bump go to v1.20.10 Part of https://github.com/etcd-io/etcd/issues/16740
  • bump golang.org/x/net to 0.17.0 Part of https://github.com/etcd-io/etcd/issues/16740
  • etcd: upgrade go version to 1.20.9
  • Remove obsolete http 1.0 version.
  • fix:Ensure that go version is only defined in one file for release-3.5
  • Fix panic in etcd validate secure endpoints
  • dependency: bump golang to 1.20.8
  • Backport redirect metrics data into file to reduce output.
  • test.sh: increase timeout for grpcproxy test
  • test: add v3 curl test to cover maintenance hash/hashkv REST API
  • api: fix duplicate gateway url issue
  • pkg: add a verification on the pagebytes which must be > 0
  • tests: Backport deflake for TestWatchDelay
  • tests: Backport deflake for TestPageWriterRandom
  • Backport adding unit test for socket options.
  • Backport export reuse-port and reuse-address
  • Fix goword failure in rafthttp/transport.go.
  • Backport update to golang 1.20 minor release.
  • bump go version to 1.19.12
  • Update workflows to use makefile recipes for unit, integration & e2e-release.
  • Backport Makefile recipes for common test commands.
  • pkg/flags: fix UniqueURLs'Set to remove duplicates in UniqueURLs'uss
  • Backport fix to e2e release version identifcation.
  • Backport #14368 to v3.5
  • Follow up https://github.com/etcd-io/etcd/pull/16068#discussion_r1263667496
  • etcdserver: backport check scheduledCompactKeyName and finishedCompactKeyName before writing hash to release-3.5.
  • Backport #13577 Disable auth gracefully without impacting existing watchers.
  • bump go version to 1.19.11 to fix CVE GO-2023-1878
  • clientv3: create keepAliveCtxCloser goroutine only if ctx can be canceled
  • [3.5] etcdutl: fix db double closed
  • clientv3: remove v3.WithFirstKey() in Barrier.Wait()
  • update etcdctl flag description for snapshot restores
  • etcdutl: update description for --mark-compacted and --bump-revision flags in snapshot restore command
  • Adding optional revision bump and mark compacted to snapshot restore
  • Revert 'Merge pull request #16119 from natusameer/release-3.5'
  • Add e2e-arm64.yaml and tests-arm64.yaml to release-3.5 scheduled at 1.30
  • Backport .github/workflows: Read .go-version as a step and not separate workflow.
  • Add first unit test for authApplierV3
  • Early exit auth check on lease puts
  • remove stack log when etcdutl restore
  • etcdserver: fix corruption check when server has just been compacted
  • replace gobin with go install
  • [3.5] Backport updating go to latest patch release 1.19.10
  • add compact hash check to help
  • Fix test of clientv3/naming
  • clientv3/naming/endpoints: fix endpoints prefix bug fixes bug with multiple endpoints with same prefix
  • grpcproxy: fix memberlist results not update when proxy node down

    • Update to version 3.5.9:
  • Move go version to dedicated .go-version file

  • tests: e2e and integration test for timetolive
  • etcdserver: protect lease timetilive with auth
  • Backport go update to latest patch release 1.19.9.
  • Backport centralising go version for actions workflows.
  • server: backport 15743, improved description of --initial-cluster-state flag

    • Update to version 3.5.8:
  • etcdserver: Guarantee order of requested progress notifications

  • etcdserver: verify field 'username' and 'revision' present when decoding a JWT token
  • set zap logging to wsproxy
  • security: remove password after authenticating the user
  • test: add an e2e test to reproduce https://nvd.nist.gov/vuln/detail/CVE-2021-28235
  • bump golang to 1.19.8
  • server/auth: disallow creating empty permission ranges
  • chore: enable strict mode for test CI
  • Fixes: #15266 All docker images of Architecture show amd64
  • scripts: Add testing of etcd in local image in release workflow.
  • server: Fix defer function closure escape
  • tests: Test separate http port connection multiplexing
  • server: Add --listen-client-http-urls flag to allow running grpc server separate from http server
  • server: Pick one address that all grpc gateways connect to
  • server: Extract resolveUrl helper function
  • server: Separate client listener grouping from serving
  • refactor: Use proper variable names for urls
  • sever/auth: fix addUserWithNoOption of store_test
  • server/auth: fix auth panic bug when user changes password
  • Automated cherry-pick of #14860: Trigger release in current branch for github workflow case
  • server/embed: fix data race when start insecure grpc
  • server: Test watch restore
  • mvcc: update minRev when watcher stays synced
  • tests: Add v2 API to connection multiplexing test
  • tests: Add connection muiltiplexer testing
  • tests: Backport RunUtilCompletion
  • tests: Backport tls for etcdctl
  • tests: Extract e2e test utils
  • tests: Allow specifying http version in curl
  • tests: Refactor newClient args
  • tests: Refactor CURLPrefixArgs
  • Backport tls 1.3 support.
  • server: Switch back to random scheduler to improve resilience to watch starvation
  • test: Test etcd watch stream starvation under high read response load when sharing the same connection
  • tests: Allow configuring progress notify interval in e2e tests
  • Run go mod tidy
  • Updated go to 1.19.7.
  • Backport gosrcsin_module changes and fix goword failures.
  • Formatted source code for go 1.19.6.
  • Bump to go 1.19.6
  • Bump golang.org/x/net to v0.7.0 to address CVE GO-2023-1571.
  • test:enhance the test case TestV3WatchProgressOnMemberRestart
  • clientv3: correct the nextRev on receving progress notification response
  • etcdserver: add failpoints walBeforeSync and walAfterSync
  • Fix regression in timestamp resolution
  • upgrade cockroachdb/datadriven to v1.0.2 to remove archived dependencies
  • bump github.com/stretchr/testify to v1.8.1
  • bump bbolt to v1.3.7 for release-3.5
  • netutil: consistently format ipv6 addresses
  • docker: remove nsswitch.conf

    • Update to version 3.5.7:
  • etcdserver: return membership.ErrIDNotFound when the memberID not found

  • etcdserver: process the scenaro of the last WAL record being partially synced to disk
  • update nsswitch.conf for 3.5
  • 3.5: remove the dependency on busybox
  • Remove dependency on gobin
  • resolve build error: parameter may not start with quote character '
  • remove .travis.yml
  • format the source code and tidy the dependencies using go 1.17.13
  • bump go version to 1.17.13
  • deps: bump golang.org/x/net to v0.4.0 to address CVEs
  • security: use distroless base image to address critical Vulnerabilities
  • cidc: specify the correct branch name of release-3.5 in workflow for trivy nightly scan
  • Add trivy nightly scan for release-3.5
  • clientv3: revert the client side change in 14547
  • client/pkg/v3: fixes Solaris build of transport
  • etcdserver: fix nil pointer panic for readonly txn
  • Fix go fmt error
  • [3.5] Backport: non mutating requests pass through quotaKVServer when NOSPACE
  • etcdserver: intentionally set the memberID as 0 in corruption alarm

    • Update to version 3.5.6:
  • release: build with consistent paths

  • client/pkg/fileutil: add missing logger to {Create,Touch}DirAll
  • test: add test case to cover the CommonName based authentication
  • test: add certificate with root CommonName
  • clientv3: do not refresh token when using TLS CommonName based authentication
  • etcdserver: call the OnPreCommitUnsafe in unsafeCommit
  • add range flag for delete in etcdctl
  • server: add more context to panic message
  • fix:close conn
  • clientv3: fix the design & implementation of double barrier
  • test: added e2e test case for issue 14571: etcd doesn't load auth info when recovering from a snapshot
  • etcdserver: call refreshRangePermCache on Recover() in AuthStore. #14574
  • server: add a unit test case for authStore.Reocver() with empty rangePermCache
  • Backport #14591 to 3.5.
  • client/v3: Add backoff before retry when watch stream returns unavailable
  • etcdserver: added more debug log for the purgeFile goroutine
  • netutil: make a raw URL comparison part of the urlsEqual function
  • Apply suggestions from code review
  • netutil: add url comparison without resolver to URLStringsEqual
  • tests/Dockerfile: Switch to ubuntu 22.04 base
  • Makefile: Additional logic fix
  • *: avoid closing a watch with ID 0 incorrectly
  • tests: a test case for watch with auth token expiration
  • *: handle auth invalid token and old revision errors in watch
  • server/etcdmain: add configurable cipher list to gRPC proxy listener
  • Replace github.com/form3tech-oss/jwt-go with https://github.com/golang-jwt/jwt/v4

    • Update to version 3.5.5:
  • fix the flaky test fixTestV3AuthRestartMember20220913 for 3.5

  • etcdctl: fix move-leader for multiple endpoints
  • testing: fix TestOpenWithMaxIndex cleanup
  • server,test: refresh cache on each NewAuthStore
  • server/etcdmain: add build support for Apple M1
  • tests: Fix member id in CORRUPT alarm
  • server: Make corrtuption check optional and period configurable
  • server: Implement compaction hash checking
  • tests: Cover periodic check in tests
  • server: Refactor compaction checker
  • tests: Move CorruptBBolt to testutil
  • tests: Rename corruptHash to CorruptBBolt
  • tests: Unify TestCompactionHash and extend it to also Delete keys and Defrag
  • tests: Add tests for HashByRev HTTP API
  • tests: Add integration tests for compact hash
  • server: Cache compaction hash for HashByRev API
  • server: Extract hasher to separate interface
  • server: Remove duplicated compaction revision
  • server: Return revision range that hash was calcualted for
  • server: Store real rv range in hasher
  • server: Move adjusting revision to hasher
  • server: Pass revision as int
  • server: Calculate hash during compaction
  • server: Fix range in mock not returning same number of keys and values
  • server: Move reading KV index inside scheduleCompaction function
  • server: Return error from scheduleCompaction
  • server: Refactor hasher
  • server: Extract kvHash struct
  • server: Move unsafeHashByRev to new hash.go file
  • server: Extract unsafeHashByRev function
  • server: Test HashByRev values to make sure they don't change
  • server: Cover corruptionMonitor with tests
  • server: Extract corruption detection to dedicated struct
  • server: Extract triggerCorruptAlarm to function
  • move consistent_index forward when executing alarmList operation
  • fix the potential data loss for clusters with only one member
  • [backport 3.5] server: don't panic in readonly serializable txn
  • Backport of pull/14354 to 3.5.5
  • Refactor the keepAliveListener and keepAliveConn
  • clientv3: close streams after use in lessor keepAliveOnce method
  • Change default sampling rate from 100% to 0%
  • Fix the failure in TestEndpointSwitchResolvesViolation
  • update all related dependencies
  • move setupTracing into a separate file config_tracing.go
  • etcdserver: bump OpenTelemetry to 1.0.1
  • Change default sampling rate from 100% to 0%
  • server/auth: protect rangePermCache with a RW lock
  • Improve error message for incorrect values of ETCDCLIENTDEBUG
  • add e2e test cases to cover the maxConcurrentStreams
  • Add flag --max-concurrent-streams to set the max concurrent stream each client can open at a time
  • add the uint32Value data type
  • Client: fix check for WithPrefix op
  • client/v3: do not overwrite authTokenBundle on dial
  • restrict the max size of each WAL entry to the remaining size of the file
  • Add FileReader and FileBufReader utilities
  • Backport two lease related bug fixes to 3.5
  • scripts: Detect staged files before building release
  • scripts: Avoid additional repo clone
  • Make DRY_RUN explicit
  • scripts: Add tests for release scripts
  • server/auth: enable tokenProvider if recoved store enables auth
  • Update golang.org/x/crypto to latest

    • Update to version 3.5.4:
  • Update conssitent_index when applying fails

  • Add unit test for canonical SRV records
  • Revert 'trim the suffix dot from the srv.Target for etcd-client DNS lookup'

    • add variable ETCD_OPTIONS to both service unit and configuration file this allows the user to easily add things like '--enable-v2=true'

    • Update to version 3.5.3:

    https://github.com/etcd-io/etcd/compare/v3.5.2...v3.5.3

  • clientv3: disable mirror auth test with proxy
  • cv3/mirror: Fetch the most recent prefix revision
  • set backend to cindex before recovering the lessor in applySnapshot
  • support linearizable renew lease
  • clientv3: filter learners members during autosync
  • etcdserver: upgrade the golang.org/x/crypto dependency
  • fix the data inconsistency issue by adding a txPostLockHook into the backend
  • server: Save consistency index and term to backend even when they decrease
  • server: Add verification of whether lock was called within out outside of apply
  • go.mod: Upgrade to prometheus/client_golang v1.11.1
  • server: Use default logging configuration instead of zap production one
  • Fix offline defrag
  • backport 3.5: #13676 load all leases from backend
  • server/storage/backend: restore original bolt db options after defrag
  • always print raft term in decimal when displaying member list in json
  • enhance health check endpoint to support serializable request
  • trim the suffix dot from the srv.Target for etcd-client DNS lookup

    • Drop ETCDUNSUPPORTEDARCH=arm64 from sysconfig as ARM64 is now officially supported
    • Update etcd.conf variables
    • Add the new etcdutl into separate subpackage

    • Update to version 3.5.2:

  • Update dep: require gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254.

  • fix runlock bug
  • server: Require either cluster version v3.6 or --experimental-enable-lease-checkpoint-persist to persist lease remainingTTL
  • etcdserver,integration: Store remaining TTL on checkpoint
  • lease,integration: add checkpoint scheduling after leader change
  • set the backend again after recovering v3 backend from snapshot
  • *: implement a retry logic for auth old revision in the client
  • client/v3: refresh the token when ErrUserEmpty is received while retrying
  • server/etcdserver/api/etcdhttp: exclude the same alarm type activated by multiple peers
  • storage/backend: Add a gauge to indicate if defrag is active (backport from 3.6)

    • Update to version 3.5.1:
  • version: 3.5.1

  • Dockerfile: bump debian bullseye-20210927
  • client: Use first endpoint as http2 authority header
  • tests: Add grpc authority e2e tests
  • client: Add grpc authority header integration tests
  • tests: Allow configuring integration tests to use TCP
  • test: Use unique number for grpc port
  • tests: Cleanup member interface by exposing Bridge directly
  • tests: Make using bridge optional
  • tests: Rename grpcAddr to grpcURL to imply that it includes schema
  • tests: Remove bridge dependency on unix
  • Decouple prefixArgs from os.Env dependency
  • server: Ensure that adding and removing members handle storev2 and backend out of sync
  • Stop using tip golang version in CI
  • fix self-signed-cert-validity parameter cannot be specified in the config file
  • fix health endpoint not usable when authentication is enabled
  • workflows: remove ARM64 job for maintenance

    • Update to version 3.5.0:
  • See link below, diff is too big https://github.com/etcd-io/etcd/compare/v3.4.16...v3.5.0

    • Added hardening to systemd service(s) (boo#1181400)

    • Change to sysuser-tools to create system user

    • Update to version 3.4.16:

  • Backport-3.4 exclude alarms from health check conditionally

  • etcdserver/mvcc: update trace.Step condition
  • Backport-3.4 etcdserver/util.go: reduce memory when logging range requests
  • .travis,Makefile,functional: Bump go 1.12 version to v1.12.17
  • integration: Fix 'go test --tags cluster_proxy --timeout=30m -v ./integration/...'
  • pkg/tlsutil: Adjust cipher suites for go 1.12
  • Fix pkg/tlsutil (test) to not fail on 386.
  • bill-of-materials.json: Update golang.org/x/sys
  • .travis,test: Turn race off in Travis for go version 1.15
  • integration : fix TestTLSClientCipherSuitesMismatch in go1.13
  • vendor: Run go mod vendor
  • go.mod,go.sum: Bump github.com/creack/pty that includes patch
  • go.mod,go.sum: Comply with go v1.15
  • etcdserver,wal: Convert int to string using rune()
  • integration,raft,tests: Comply with go v1.15 gofmt
  • .travis.yml: Test with go v1.15.11
  • pkpkg/testutil/leak.go: Allowlist created by testing.runTests.func1
  • vendor: Run go mod vendor
  • go.sum, go.mod: Run go mod tidy with go 1.12
  • go.mod: Pin go to 1.12 version
  • etcdserver: fix incorrect metrics generated when clients cancel watches
  • integration: relax leader timeout from 3s to 4s
  • etcdserver: when using --unsafe-no-fsync write data
  • server: Added config parameter experimental-warning-apply-duration
  • etcdserver: Fix PeerURL validation

    • update etcd.service: avoid args from commandline and environment as it leads to start failure (boo#1183703)

    • Update to version 3.4.15:

  • [Backport-3.4] etcdserver/api/etcdhttp: log successful etcd server side health check in debug level

  • etcdserver: Fix 64 KB websocket notification message limit
  • vendor: bump gorilla/websocket
  • pkg/fileutil: fix FOFD constants

    • Update to version 3.4.14:
  • pkg/netutil: remove unused 'iptables' wrapper

  • tools/etcd-dump-metrics: validate exec cmd args
  • clientv3: get AuthToken automatically when clientConn is ready.
  • etcdserver: add ConfChangeAddLearnerNode to the list of config changes
  • integration: add flag WatchProgressNotifyInterval in integration test

    • Update to version 3.4.13:
  • pkg: file stat warning

  • Automated cherry pick of #12243 on release 3.4
  • version: 3.4.12
  • etcdserver: Avoid panics logging slow v2 requests in integration tests
  • version: 3.4.11
  • Revert 'etcdserver/api/v3rpc: 'MemberList' never return non-empty ClientURLs'
  • *: fix backport of PR12216
  • *: add experimental flag for watch notify interval
  • clientv3: remove excessive watch cancel logging
  • etcdserver: add OS level FD metrics
  • pkg/runtime: optimize FDUsage by removing sort
  • clientv3: log warning in case of error sending request
  • etcdserver/api/v3rpc: 'MemberList' never return non-empty ClientURLs

    • Update to version 3.4.10 [CVE-2020-15106][boo#1174951]:
  • Documentation: note on data encryption

  • etcdserver: change protobuf field type from int to int64 (#12000)
  • pkg: consider umask when use MkdirAll
  • etcdmain: let grpc proxy warn about insecure-skip-tls-verify
  • etcdmain: fix shadow error
  • pkg/fileutil: print desired file permission in error log
  • pkg: Fix dir permission check on Windows
  • auth: Customize simpleTokenTTL settings.
  • mvcc: chanLen 1024 is to biger,and it used more memory. 128 seems to be enough. Sometimes the consumption speed is more than the production speed.
  • auth: return incorrect result 'ErrUserNotFound' when client request without username or username was empty.
  • etcdmain: fix shadow error
  • doc: add TLS related warnings
  • etcdserver:FDUsage set ticker to 10 minute from 5 seconds. This ticker will check File Descriptor Requirements ,and count all fds in used. And recorded some logs when in used >= limit/5*4. Just recorded message. If fds was more than 10K,It's low performance due to FDUsage() works. So need to increase it.
  • clientv3: cancel watches proactively on client context cancellation
  • wal: check out of range slice in 'ReadAll', 'decoder'
  • etcdctl, etcdmain: warn about --insecure-skip-tls-verify options
  • Documentation: note on the policy of insecure by default
  • etcdserver: don't let InternalAuthenticateRequest have password
  • auth: a new error code for the case of password auth against no password user
  • Documentation: note on password strength
  • etcdmain: best effort detection of self pointing in tcp proxy
  • Discovery: do not allow passing negative cluster size
  • wal: fix panic when decoder not set
  • embed: fix compaction runtime err
  • pkg: check file stats
  • etcdserver, et al: add --unsafe-no-fsync flag
  • wal: add TestValidSnapshotEntriesAfterPurgeWal testcase
  • wal: fix crc mismatch crash bug
  • rafthttp: log snapshot download duration
  • rafthttp: improve snapshot send logging
  • *: make sure snapshot save downloads SHA256 checksum
  • etcdserver/api/snap: exclude orphaned defragmentation files in snapNames
  • etcdserver: continue releasing snap db in case of error
  • etcdserver,wal: fix inconsistencies in WAL and snapshot
  • cherry pick of #11564 (#11880)
  • mvcc: fix deadlock bug
  • auth: optimize lock scope for CheckPassword
  • auth: ensure RoleGrantPermission is compatible with older versions
  • etcdserver: print warn log when failed to apply request
  • auth: cleanup saveConsistentIndex in NewAuthStore
  • auth: print warning log when error is ErrAuthOldRevision
  • auth: add new metric 'etcddebuggingauth_revision'
  • tools/etcd-dump-db: add auth decoder, optimize print format
  • *: fix auth revision corruption bug
  • etcdserver: watch stream got closed once one request is not permitted (#11708)
  • version: 3.4.7
  • wal: add 'etcdwalwritesbytestotal'
  • pkg/ioutil: add 'FlushN'
  • test: auto detect branch when finding merge base
  • mvcc/kvstore:when the number key-value is greater than one million, compact take too long and blocks other requests
  • version: 3.4.6
  • lease: fix memory leak in LeaseGrant when node is follower
  • version: 3.4.5
  • words: whitelist 'racey'
  • Revert 'version: 3.4.5'
  • words: whitelist 'hasleader'
  • version: 3.4.5
  • etcdserver/api/v3rpc: handle api version metadata, add metrics
  • clientv3: embed api version in metadata
  • etcdserver/api/etcdhttp: log server-side /health checks
  • proxy/grpcproxy: add return on error for metrics handler
  • etcdctl: fix member add command
  • etcdserver: fix quorum calculation when promoting a learner member
  • etcdserver: corruption check via http
  • mvcc/backend: check for nil boltOpenOptions
  • mvcc/backend: Delete orphaned db.tmp files before defrag
  • auth: correct logging level
  • e2e: test curl auth on onoption user
  • auth: fix NoPassWord check when add user
  • auth: fix user.Options nil pointer
  • mvcc/kvstore:fixcompactbug
  • mvcc: update to 'etcddebuggingmvcctotalputsizein_bytes'
  • mvcc: add 'etcdmvccputsizein_bytes' to monitor the throughput of put request.
  • clientv3: fix retry/streamer error message
  • etcdserver: wait purge file loop during shutdown
  • integration: disable TestV3AuthOldRevConcurrent
  • etcdserver: remove auth validation loop
  • scripts/release: list GPG key only when tagging is needed
References

Affected packages

SUSE:Package Hub 15 SP6 / etcd

Package

Name
etcd
Purl
pkg:rpm/suse/etcd&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-bp156.4.3.1

Ecosystem specific

{
    "binaries": [
        {
            "etcdctl": "3.5.12-bp156.4.3.1",
            "etcd": "3.5.12-bp156.4.3.1",
            "etcdutl": "3.5.12-bp156.4.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / etcd

Package

Name
etcd
Purl
pkg:rpm/opensuse/etcd&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.12-bp156.4.3.1

Ecosystem specific

{
    "binaries": [
        {
            "etcdctl": "3.5.12-bp156.4.3.1",
            "etcd": "3.5.12-bp156.4.3.1",
            "etcdutl": "3.5.12-bp156.4.3.1"
        }
    ]
}