[ALSA-2026:3188] Important: grafana security update
Type:
security
Severity:
important
Release date:
2026-02-24
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728) * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-selinux-9.2.10-28.el8_10.aarch64.rpm 8b5ab739f72d6dbdf4cc716bd107fa7c420608899ce69c0f6d14a4552e056d9b
aarch64 grafana-9.2.10-28.el8_10.aarch64.rpm d4169b4b344453195e1b872f898029231b5c79601c67a6aaa48fb15789e1b05f
ppc64le grafana-9.2.10-28.el8_10.ppc64le.rpm 47ae0d123c03063f1316426fd085bbe785fa0f88f0fb0b69c779858bfffa3c0b
ppc64le grafana-selinux-9.2.10-28.el8_10.ppc64le.rpm 795a3de2e84c27464be7ec0e17b3ae49448e3f29c80ed06af83751ae2ffd0cc4
s390x grafana-9.2.10-28.el8_10.s390x.rpm 4f4c0670509c9485c3d0a51d4706e3d545ee1486beef079a1937ebbee0946d86
s390x grafana-selinux-9.2.10-28.el8_10.s390x.rpm a43e1ad4621888a63d8531ed7acb0fea4c92cd4745f4fddf8589f7e901d07058
x86_64 grafana-9.2.10-28.el8_10.x86_64.rpm 5039e51580bc124c73ac81c815c5661b92ba892915d644ce2313aba926f9affa
x86_64 grafana-selinux-9.2.10-28.el8_10.x86_64.rpm 5b8fb0b9cf9e6ea6c4409799d4634980998a8a6a101fe844d95540ae83d70c38
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.