[ALSA-2024:8678] Important: grafana security update
Type:
security
Severity:
important
Release date:
2024-11-03
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang-fips: Golang FIPS zeroed buffer (CVE-2024-9355) * dompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-9.2.10-19.el9_4.aarch64.rpm 342a32ba80a413bb30854d804a8f65d3f8962902b71a44400f58a983366d1a3a
aarch64 grafana-selinux-9.2.10-19.el9_4.aarch64.rpm e7a355cb123cf512c6f4b848dcf0b6e06f421edd9d0de7db98dbbb1d2c64e148
ppc64le grafana-selinux-9.2.10-19.el9_4.ppc64le.rpm 5104ee7a76cf5c6d1eb35e5716f5f637b7a91fdbdbdf2e39e63aa0c4780ee40d
ppc64le grafana-9.2.10-19.el9_4.ppc64le.rpm b5de9dbbfa6722a78c3c4bf472f8a3550c0da4782841dfe2f1ef078d654baeca
s390x grafana-selinux-9.2.10-19.el9_4.s390x.rpm 7bf9a2a22ec68639023df04aecf83dd02943f67cb5a3cc8960a4ac153345fd5e
s390x grafana-9.2.10-19.el9_4.s390x.rpm 8585334261b83d1509ddb4f54e4fcf68062ea0e33ddb14b9c8696c7ebcdf9c48
x86_64 grafana-selinux-9.2.10-19.el9_4.x86_64.rpm 5adc044d6094fd56308198a8c6fd9f078723c700574c19acccc7aaa2abf3113e
x86_64 grafana-9.2.10-19.el9_4.x86_64.rpm 7345bb439a816204b5ac48b9e81d3ad278f15ee251cb4e3e5937adbc871dde4f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.