[ALSA-2023:4030] Critical: grafana security update
Type:
security
Severity:
critical
Release date:
2023-07-12
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * grafana: account takeover possible when using Azure AD OAuth (CVE-2023-3128) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-9.0.9-3.el9_2.alma.aarch64.rpm 2687d7c952549f3bb147d93ff32a548d6f80f0a6bca7e7951d093b2d55d2189c
ppc64le grafana-9.0.9-3.el9_2.alma.ppc64le.rpm 71034d538a708dd1399e61d71e849dcd6996ea71a4b1f542358c81709c5727c4
s390x grafana-9.0.9-3.el9_2.alma.s390x.rpm bbd21492756d9835df22af3f096f8e62032c399573b109291e0e7373da2fe9ed
x86_64 grafana-9.0.9-3.el9_2.alma.x86_64.rpm 0e0bcbe51ac6acd258958f873b4ae8c01dc1458495f79f0d305ed8b719635742
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.