Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* go-retryable[http:](http:) url might write sensitive information to log file (CVE-2024-6104)
* net/[http:](http:) Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
grafana-10.2.6-4.el9.aarch64.rpm |
61ece8f6d894c57eb104d0610bce6470c24b0562f0de97e99d82fea6f8ce88eb |
| aarch64 |
grafana-selinux-10.2.6-4.el9.aarch64.rpm |
fe23154a334abc9e76664ca6c83e20a4291d5034fe779421e6d112afe8d27869 |
| ppc64le |
grafana-selinux-10.2.6-4.el9.ppc64le.rpm |
0e4333f2bc91ebaa168896bd9b329f0b2599795ab0136cfad83a9251ed1075ae |
| ppc64le |
grafana-10.2.6-4.el9.ppc64le.rpm |
34cb1fce4f2459f5ce8a6cb1e63685d184b238cbd4c676631a1ac183b5d424ad |
| s390x |
grafana-10.2.6-4.el9.s390x.rpm |
3a0df0aeec9eb7c13cefaa6c518a1f5bbb2f16fe58c74359eafcdae80f740260 |
| s390x |
grafana-selinux-10.2.6-4.el9.s390x.rpm |
a3993476d7a2d1aca83bb0657ae730f0cc6f94542f42aed291057b91496170c6 |
| x86_64 |
grafana-selinux-10.2.6-4.el9.x86_64.rpm |
65889743a5986c96b25009ab78f4fbc96a5a92f82e183c50087b3338a12e6391 |
| x86_64 |
grafana-10.2.6-4.el9.x86_64.rpm |
c88153eb5fedd33df52de2d97180fd39acf5946152218713b461207d39d8e5f1 |
