[ALSA-2025:0401] Important: grafana security update
Type:
security
Severity:
important
Release date:
2025-01-20
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * go-git: argument injection via the URL field (CVE-2025-21613) * go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-9.2.10-21.el8_10.aarch64.rpm 3b7320cf86e2868d06ef6ba573bfbce0fa53de971722a5cb1cee685621260e37
aarch64 grafana-selinux-9.2.10-21.el8_10.aarch64.rpm 56b3a56b67dabc01f807534d164ff7266c98c687e21daa84f73e4e5e2283d654
ppc64le grafana-9.2.10-21.el8_10.ppc64le.rpm 81641d44b507091c47250c1a457575daf6ca6e28b02e9570a4e709da64341950
ppc64le grafana-selinux-9.2.10-21.el8_10.ppc64le.rpm b9608d625d0ae7afa3f0f2ad1afe832cc3498c202816a2b18d96345a8bf40e44
s390x grafana-9.2.10-21.el8_10.s390x.rpm 350897d1ff267fad8639ce5e75059434f6bd5fa34356e28aefdb7535ef295132
s390x grafana-selinux-9.2.10-21.el8_10.s390x.rpm 8cfddcaa3a7d098aadd6b749dcfed34c63673d9eee376083433e451896d70aec
x86_64 grafana-9.2.10-21.el8_10.x86_64.rpm 26ea3cb93eb06676ca44d46ecf555bb4a1391cc1e58f94037f41f2bb6f537aa4
x86_64 grafana-selinux-9.2.10-21.el8_10.x86_64.rpm 3a2b216793621c70ec82bdea42f1ac2cf2667064ae18d424f3e16ab8815d845c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.