ALSA-2022:1781

[ALSA-2022:1781] Low: grafana security, bug fix, and enhancement update

Type:

security

Severity:

low

Release date:

2022-05-10

Description:

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. 

The following packages have been upgraded to a later upstream version: grafana (7.5.11). (BZ#1993214)

Security Fix(es):

* grafana: directory traversal vulnerability (CVE-2021-43813)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	grafana-7.5.11-2.el8.aarch64.rpm	8187b35a583ad5e631687c2d398eb8ac7a34eeec425ff75219c0e0c9c3a40198
ppc64le	grafana-7.5.11-2.el8.ppc64le.rpm	a354ea585d194f474e60d41c4c37179a6f8903c49bfa20671a44a3045ece29e3
x86_64	grafana-7.5.11-2.el8.x86_64.rpm	77b55d269a4fa12cb4725176ee5458aee8c9ce7cfffdd5dd3fdf3da64af3e532

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.