[ALSA-2024:6947] Important: grafana security update
Type:
security
Severity:
important
Release date:
2024-09-24
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-selinux-9.2.10-17.el9_4.aarch64.rpm 06d241f7b0ae6e30f410ed67ea2802469410019dda663794e33756abf68c29a1
aarch64 grafana-9.2.10-17.el9_4.aarch64.rpm 3e2040a26742aa866dd7809d76cdb3910492eb83f54c88e14b055233d9c9b125
ppc64le grafana-9.2.10-17.el9_4.ppc64le.rpm d2553e91ae73c2064ff445619146558ac992147632790ebd0c80dd01307d120b
ppc64le grafana-selinux-9.2.10-17.el9_4.ppc64le.rpm e3d4015c276731dea74b12cecbcb9e514e8ee20f2ec8a4014ddfebe2e2d74b9d
s390x grafana-9.2.10-17.el9_4.s390x.rpm 1e0a53bf59fcb5a60b32983f59a6de004f91a87455e5a96b2c834f869f7ce251
s390x grafana-selinux-9.2.10-17.el9_4.s390x.rpm 248976cac47d24d275f15801b41e013cb839e64c4dfde36cc78069a4cc268306
x86_64 grafana-9.2.10-17.el9_4.x86_64.rpm 2978b27a4f9f4dc011de098d7cc361a7e332f83fda12fb2d2586a806564747de
x86_64 grafana-selinux-9.2.10-17.el9_4.x86_64.rpm 2c7737188110c60f498ad09edee22ea0c11b6076d990c11ba29829a6ed04d426
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.