[ALSA-2026:2914] Important: grafana security update
Type:
security
Severity:
important
Release date:
2026-02-19
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729) * grafana/grafana/pkg/services/dashboards: Grafana Dashboard Permissions Scope Bypass Enables Cross?Dashboard Privilege Escalation (CVE-2026-21721) * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728) * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-10.2.6-22.el10_1.aarch64.rpm 2500e670f685b421ab1818b0b1cf55746cd3ca4d8d5eec56e8b08507e84ac09f
aarch64 grafana-selinux-10.2.6-22.el10_1.aarch64.rpm f49b1f4de6fee3902298878e3f736f709b985b781b352858e7b1be4ad023b2bf
ppc64le grafana-selinux-10.2.6-22.el10_1.ppc64le.rpm 4d17dfecc9c98c2e78a25c21c0eec2ccf390f45b18c93b02c1e4ef72192fcbca
ppc64le grafana-10.2.6-22.el10_1.ppc64le.rpm c5ff0b7cc38942d37e34e770e9ecac1244467f4c06c8053e4713e91892291056
s390x grafana-10.2.6-22.el10_1.s390x.rpm 464b99144ec4e9806490a163919661d0813e279b3e38794c550ad96161f967c8
s390x grafana-selinux-10.2.6-22.el10_1.s390x.rpm f6d80d703f18aa6062a0ed8cb3d050bb270443bdc6897aff835ce90d0ddeaceb
x86_64 grafana-10.2.6-22.el10_1.x86_64.rpm af5613c82f3dd77e97b00dc80901b250a8e5a34ed0a124ccf3860a7ccacf3b30
x86_64 grafana-selinux-10.2.6-22.el10_1.x86_64.rpm c7e5f93609b393e11678bd44c089e64db9275bb2889bc8f6ea1ca6fefec3fd33
x86_64_v2 grafana-10.2.6-22.el10_1.x86_64_v2.rpm a67dbec71766eed49f84e4c5f66119644c5983a62274ef24f28c9b4785b10e9d
x86_64_v2 grafana-selinux-10.2.6-22.el10_1.x86_64_v2.rpm a77c1483eace69c304d66c41b2287d883ce79e1dbb4aebe2f360791aad5f3ee4
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.