[ALSA-2024:5291] Moderate: grafana security update
Type:
security
Severity:
moderate
Release date:
2024-08-21
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788) * golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789) * golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-selinux-9.2.10-17.el8_10.aarch64.rpm 8376e9db9b5dc31bc79c859cac329ecbdcc3676af2e33409e33e3563f98d0f70
aarch64 grafana-9.2.10-17.el8_10.aarch64.rpm ef8ee4944bd25f6313f51fe76e1c71e04f156dec06e5b9f0a77b1a745374f627
ppc64le grafana-selinux-9.2.10-17.el8_10.ppc64le.rpm 4cd4a3d69d59e943e82ebf7f93c192438d18915be8d3825050d8e60a73e4b96c
ppc64le grafana-9.2.10-17.el8_10.ppc64le.rpm c6e6e7389f323cb06e7e115533c2c40acbfbbce3a4f137687027be95b37fea4a
s390x grafana-selinux-9.2.10-17.el8_10.s390x.rpm 72a7df974126f5933bc7e00b9a10513701c694325f15a85bad5d62267c4cb27d
s390x grafana-9.2.10-17.el8_10.s390x.rpm 86539f9daa74ed60f3be6c721c9b388eea31c6bb428f9bffbc549be8e37a283c
x86_64 grafana-selinux-9.2.10-17.el8_10.x86_64.rpm 9bf26fe89637cbb13ae4297c209020de01a4a3e62e882eb02233433d4b740ad9
x86_64 grafana-9.2.10-17.el8_10.x86_64.rpm e38b0965cffa5fb3b304b8cd418007b70289fc17ea1665d591f436958149f98e
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.