[9.2.10-7] – bump release number for rebuild with fixed gating.yaml file [9.2.10-6] – resolve RHEL-12665 – resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work – testing is turned off due to test failures caused by testing date mismatch [9.2.10-5] – resolve CVE-2023-3128 grafana: account takeover possible when using Azure AD OAuth [9.2.10-3] – bumps exporter-toolkit to v0.7.3, sanitize-url@npm to 6.0.2, skip problematic s390 tests, License AGPL-3.0-only. [9.2.10-2] – Update to 9.2.10 [9.2.10-1] – Update to 9.2.10 [9.0.9-2] – resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in – resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws [9.0.9-1] – update to 9.0.9 tagged upstream community sources, see CHANGELOG – resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2125530) [9.0.8-2] – bump NVR [9.0.8-1] – update to 9.0.8 tagged upstream community sources, see CHANGELOG – do not list /usr/share/grafana/conf twice – drop makefile in favor of create_bundles.sh script – sync provides/obsoletes with CentOS versions – drop husky patch [7.5.15-3] – resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse functions – resolve CVE-2022-1705 golang: net/https: improper sanitization of Transfer-Encoding header – resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy – omit X-Forwarded-For not working – resolve CVE-2022-30631…Read More
References
Back to Main