[ALSA-2025:8915] Moderate: grafana-pcp security update
Type:
security
Severity:
moderate
Release date:
2025-07-28
Description:
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-pcp-5.2.2-3.el10_0.aarch64.rpm f7957da8ce83235c08ec451854967106b1f97eb0fe8a042b83a8fd1b470c9bae
ppc64le grafana-pcp-5.2.2-3.el10_0.ppc64le.rpm c5788308b2c025aa6ff16a240ae99aa32d122c90c59676c2017cd4aa280cfa40
s390x grafana-pcp-5.2.2-3.el10_0.s390x.rpm 3eb8bdba3557cebb7cdc4c72e825582a9e210b75816323d452fe7bf8a7fdc95f
x86_64 grafana-pcp-5.2.2-3.el10_0.x86_64.rpm 9e5f4a527609979ce3d60b01bcababdd060411797a28e4c4884bf1250d76c3f7
x86_64_v2 grafana-pcp-5.2.2-3.el10_0.x86_64_v2.rpm fa4c1ed7ba2906c223fc707be9a09776510b094cf09dad0aeb0ab5bd0cc078df
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.