Site icon API Security Blog

grafana security update

image
[10.2.6-4] – Resolves RHEL-44874 [10.2.6-3] – Resolves RHEL-35937 [10.2.6-2] – Fixes patch 1002 for update to golang-fips – Remove unused code under apsl-1.1 and apsl-1.2 licenses – Resolves RHEL-33655 [10.2.6-1] – Rebase to grafana 10.2.6 [9.2.10-15] – Resolves RHEL-23468 – Allows for gid to be 0 – Allows for postgreSQL datasource in selinux policy [9.2.10-14] – Fixes postgresql AVC denial – Related RHEL-7505 [9.2.10-13] – Resolves RHEL-19296 – Fixes coredump issue introduced by selinux – Patches out call to panic when trying to walk '/' directory [9.2.10-12] – Resolves RHEL-7505 – Fixes additional selinux denials found when testing on certain architectures [9.2.10-11] – Resolves RHEL-7505 – Fixes selinux denials found when testing on certain architectures [9.2.10-10] – Resolves RHEL-7505 – Adds a selinux policy for grafana – Resolves RHEL-12666 – fix CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work [9.2.10-5] – resolve CVE-2023-3128 grafana: account takeover possible when using Azure AD OAuth [9.2.10-3] – bumps exporter-toolkit to v0.7.3, sanitize-url@npm to 6.0.2, skip problematic s390 tests, License AGPL-3.0-only. [9.2.10-2] – Update to 9.2.10 [9.2.10-1] – Update to 9.2.10 [9.0.9-2] – resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in – resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws [9.0.9-1] – update to 9.0.9 tagged upstream community sources, see CHANGELOG – resolve CVE-2022-35957…Read More

Exit mobile version