[ALSA-2024:8327] Important: grafana security update
Type:
security
Severity:
important
Release date:
2024-10-23
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang-fips: Golang FIPS zeroed buffer (CVE-2024-9355) * dompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-9.2.10-20.el8_10.aarch64.rpm 1210f7e24000961ba938875ea77c52b889435afefd5b3850a78fbb06545214d6
aarch64 grafana-selinux-9.2.10-20.el8_10.aarch64.rpm d8df415178e30188c2dc9e0ab0167ff7fc1c11148e114090f76376495153f4d2
ppc64le grafana-9.2.10-20.el8_10.ppc64le.rpm 0358e2a73b0a62a9c42d27f6e45290eb0ac06a63c9ded96a19c30898481a95d4
ppc64le grafana-selinux-9.2.10-20.el8_10.ppc64le.rpm 92abd7b8fceb3fefe20a3b83ad2da950b7b8d07282431fbf5e0a753455bd6ee1
s390x grafana-selinux-9.2.10-20.el8_10.s390x.rpm 7892968866fcd0285541baaa413fbd808e3be44a7e8e8f02e07c1efceaef8d7a
s390x grafana-9.2.10-20.el8_10.s390x.rpm a787ce5932dbc2b66c85b6a6943b3379e9fd86b054944ab4c83eba6322e7ae2a
x86_64 grafana-9.2.10-20.el8_10.x86_64.rpm 800a0f0a086a0aa1f6d6637f4e6221bb898322a8bf708c25b0feb9d4b484604a
x86_64 grafana-selinux-9.2.10-20.el8_10.x86_64.rpm c6bf1682c8cd0df230570948d936928416eaaeec098722b28fc1610346bd1ede
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.