[ALSA-2026:3187] Important: grafana-pcp security update
Type:
security
Severity:
important
Release date:
2026-02-24
Description:
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-pcp-5.1.1-12.el8_10.aarch64.rpm 0f79b15120d156384897a4f587fa30f44cd0daf56f475e542cb114fdeb377d81
ppc64le grafana-pcp-5.1.1-12.el8_10.ppc64le.rpm 40c9c773748fe4080867e331ffcb7f3beb2f9ebd30b00666ccee81ca84cc7f5d
s390x grafana-pcp-5.1.1-12.el8_10.s390x.rpm ce6568a354246006e0589715f0e1fe43bf36fbe6a7a86922e3602d121f2e0ae1
x86_64 grafana-pcp-5.1.1-12.el8_10.x86_64.rpm 70fe235e29cbb8be11663150b0bb2e9738695b716a008da1b5ca4fb24f7a99d7
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.