ELSA-2023-2167
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-2167
ELSA-2023-2167 - grafana security and enhancement update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2023-05-15 |
Description
[9.0.9-2]
- resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in
- resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws
[9.0.9-1]
- update to 9.0.9 tagged upstream community sources, see CHANGELOG
- resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2125530)
[9.0.8-2]
- bump NVR
[9.0.8-1]
- update to 9.0.8 tagged upstream community sources, see CHANGELOG
- do not list /usr/share/grafana/conf twice
- drop makefile in favor of create_bundles.sh script
- sync provides/obsoletes with CentOS versions
- drop husky patch
Related CVEs
| CVE-2022-41715 |
| CVE-2022-39229 |
| CVE-2022-2880 |
| CVE-2022-27664 |
| CVE-2022-35957 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | grafana-9.0.9-2.el9.src.rpm | 8ad74ec37ffffbdfaef24772b74dde3b154fe915cf0217292fc80ad7600ae4fe | - | ol9_aarch64_appstream |
| grafana-9.0.9-2.el9.src.rpm | 8ad74ec37ffffbdfaef24772b74dde3b154fe915cf0217292fc80ad7600ae4fe | - | ol9_aarch64_appstream_developer | |
| grafana-9.0.9-2.el9.aarch64.rpm | d2a2bc108b9560457528a7b0f3c750d4a836b46aafe671ff192835b32d9eb1f6 | - | ol9_aarch64_appstream | |
| grafana-9.0.9-2.el9.aarch64.rpm | d2a2bc108b9560457528a7b0f3c750d4a836b46aafe671ff192835b32d9eb1f6 | - | ol9_aarch64_appstream_developer | |
| Oracle Linux 9 (x86_64) | grafana-9.0.9-2.el9.src.rpm | 8ad74ec37ffffbdfaef24772b74dde3b154fe915cf0217292fc80ad7600ae4fe | - | ol9_x86_64_appstream |
| grafana-9.0.9-2.el9.src.rpm | 8ad74ec37ffffbdfaef24772b74dde3b154fe915cf0217292fc80ad7600ae4fe | - | ol9_x86_64_appstream_developer | |
| grafana-9.0.9-2.el9.x86_64.rpm | cd643d0b68fa3868239d4ef40b6251f6c21cf7d6520fc8f271963426a82e65b8 | - | ol9_x86_64_appstream | |
| grafana-9.0.9-2.el9.x86_64.rpm | cd643d0b68fa3868239d4ef40b6251f6c21cf7d6520fc8f271963426a82e65b8 | - | ol9_x86_64_appstream_developer | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
