Описание
ELSA-2023-2177: grafana-pcp security and enhancement update (MODERATE)
[5.1.1-1]
- update to 5.1.1 tagged upstream community sources, see CHANGELOG
- resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
[5.0.0-4]
- update to 5.0.0 tagged upstream community sources, see CHANGELOG
- install plugin in /usr/share and create symlink from /var using systemd-tmpfiles to work on rpm-ostree based distributions
- revert the breaking change (change of internal plugin IDs) of upstream v5.0.0, i.e. there are no breaking changes when performing this upgrade
- enable Go modules in build process
- make vendor and webpack tarballs reproducible
- drop makefile in favor of create_bundles.sh script
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
grafana-pcp
5.1.1-1.el9
Oracle Linux x86_64
grafana-pcp
5.1.1-1.el9
Связанные CVE
Связанные уязвимости
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers ca ...