[ALSA-2023:6972] Moderate: grafana security and enhancement update
Type:
security
Severity:
moderate
Release date:
2023-11-23
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: account takeover possible when using Azure AD OAuth (CVE-2023-3128) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-9.2.10-7.el8_9.alma.1.aarch64.rpm 528b44738e0dcd35850a7932b093cc049eb205a38900482093b19616c52bad82
ppc64le grafana-9.2.10-7.el8_9.alma.1.ppc64le.rpm 8827917dde0387a4f33b24edbf5b195f864ad9b7610e219e131b65fc00d04d81
s390x grafana-9.2.10-7.el8_9.alma.1.s390x.rpm 932fa49326e6bb5128c627d2c0b216edb6031cf74ec04d4fb05901e6b78a7067
x86_64 grafana-9.2.10-7.el8_9.alma.1.x86_64.rpm 1875ab5b7f9f2d50060acc505d34884fcbda3ac86779a12575c4103f86222bf9
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.