[ALSA-2026:19351] Important: grafana-pcp security update
Type:
security
Severity:
important
Release date:
2026-05-26
Description:
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) * crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 grafana-pcp-5.1.1-15.el9_8.aarch64.rpm 5a6f3738763e45e957774237a2ed5d0581680735e33579575415197f34d72c5b
ppc64le grafana-pcp-5.1.1-15.el9_8.ppc64le.rpm 0bdd267aa3030e58af4b28f0ad0db9a5f84a6f3b5cb144e25cda164b153f24b9
s390x grafana-pcp-5.1.1-15.el9_8.s390x.rpm 91c54ff04e893d038802a96493a7046e793d758ba2a9970cf7fc15a4c10b0fae
x86_64 grafana-pcp-5.1.1-15.el9_8.x86_64.rpm 4b98aaf905a71deda119a3df6a33ee1f836011dcfd88a1018c78b72f49643dc4
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.