ELSA-2023-2167

Опубликовано: 15 мая 2023

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2023-2167: grafana security and enhancement update (MODERATE)

[9.0.9-2]

resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in
resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws

[9.0.9-1]

update to 9.0.9 tagged upstream community sources, see CHANGELOG
resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2125530)

[9.0.8-2]

bump NVR

[9.0.8-1]

update to 9.0.8 tagged upstream community sources, see CHANGELOG
do not list /usr/share/grafana/conf twice
drop makefile in favor of create_bundles.sh script
sync provides/obsoletes with CentOS versions
drop husky patch

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

grafana

9.0.9-2.el9

Oracle Linux x86_64

grafana

9.0.9-2.el9

Связанные CVE

Ссылки на источники

Связанные уязвимости

ELSA-2023-2784

oracle-oval

около 2 лет назад

ELSA-2023-2784: grafana security update (MODERATE)

ELSA-2023-2780

oracle-oval

около 2 лет назад

ELSA-2023-2780: Image Builder security, bug fix, and enhancement update (MODERATE)

ELSA-2023-2204

oracle-oval

около 2 лет назад

ELSA-2023-2204: Image Builder security, bug fix, and enhancement update (MODERATE)

SUSE-SU-2022:3669-1

suse-cvrf

больше 2 лет назад

Security update for go1.19

SUSE-SU-2022:3668-1

suse-cvrf

больше 2 лет назад

Security update for go1.18