Dear Prometheans,

I have published a security bugfix release for the Pushgateway: v1.5.1

If you use HTTP basic auth, you should update ASAP.

Thanks to Lei Wan for the responsible disclosure of this bug. Find more
details about the bugfix in the announcement for the corresponding
Prometheus server release
1.5.1 / 2022-11-29

   - [SECURITY] Fix basic authentication bypass vulnerability
   (CVE-2022-46146). #516

Björn Rabenstein
[PGP-ID] 0x851C3DA17D748D03

You received this message because you are subscribed to the Google Groups 
"prometheus-announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To view this discussion on the web, visit

Reply via email to