[Security] Fix open redirect in Prometheus

Bump up Prometheus to the oldest non affected version as per security advisory [1]. [1] https://github.com/prometheus/prometheus/security/advisories/GHSA-vx57-7f4q-fpc7 Change-Id: I505b0645dc3331264c8fc6762df1c6cb8bb2f2ed
2021-05-19 10:01:45 +02:00 · 2021-05-19 10:01:45 +02:00 · 16b5a8c1c7
parent a93f171da3
commit 16b5a8c1c7
2 changed files with 5 additions and 1 deletions
--- a/docker/prometheus/prometheus-v2-server/Dockerfile.j2
+++ b/docker/prometheus/prometheus-v2-server/Dockerfile.j2
@ -6,7 +6,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 {% block prometheus_v2_server_header %}{% endblock %}

 {% block prometheus_v2_server_repository_version %}
-ENV prometheus_version=2.23.0
+ENV prometheus_version=2.26.1
 {% endblock %}

 {% block prometheus_v2_server_install %}
--- a/releasenotes/notes/security-fix-prometheus-v2.26.1-03e1410ad8ed4410.yaml
+++ b/releasenotes/notes/security-fix-prometheus-v2.26.1-03e1410ad8ed4410.yaml
@ -0,0 +1,4 @@
+---
+security:
+  - |
+    Fixes security issue in Prometheus as per `advisory <https://github.com/prometheus/prometheus/security/advisories/GHSA-vx57-7f4q-fpc7>`__.