[ALSA-2024:3265] Important: grafana security update
Type:
security
Severity:
important
Release date:
2024-05-29
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) * grafana: vulnerable to authorization bypass (CVE-2024-1313) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-selinux-9.2.10-16.el8_10.aarch64.rpm 1ab012787d918f04e0546b41a9e8902eaf144cc098a95e229fc8f098be7582e5
aarch64 grafana-9.2.10-16.el8_10.aarch64.rpm f7eddc98d657a1e117505eb05b4b6d7ea049a761f64ca7ffb99c6cde8fab96e9
ppc64le grafana-9.2.10-16.el8_10.ppc64le.rpm 2a04515e14b6471102fd61c62fcd032d70721ddf4620c6fc41d6f31b65814e4f
ppc64le grafana-selinux-9.2.10-16.el8_10.ppc64le.rpm b84149af24f1e31619528ef0091eaa58ba2fad9b4e4658f16c41319dbfb513e9
s390x grafana-selinux-9.2.10-16.el8_10.s390x.rpm 5e03e0705e8bc51c2d8b0ba6c3a37c6fba705e4737b0c1c14699a96acc0466d6
s390x grafana-9.2.10-16.el8_10.s390x.rpm c2ae82d57742bffce825de91f52ef7b7dd1bd92d0de6f168f529965f87e8389f
x86_64 grafana-9.2.10-16.el8_10.x86_64.rpm 5382374dfbe160aacbb44af708331e99f1b88091f96cf9e32d6ec4c48b34a7d9
x86_64 grafana-selinux-9.2.10-16.el8_10.x86_64.rpm a6423bc4e0b0bef493b2768534f7e9f81ce35ab4a149e1db291a4b35ce2bb382
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.