ELSA-2023-2177 - grafana-pcp security and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2023-05-15 |
Description
[5.1.1-1]
- update to 5.1.1 tagged upstream community sources, see CHANGELOG
- resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
[5.0.0-4]
- update to 5.0.0 tagged upstream community sources, see CHANGELOG
- install plugin in /usr/share and create symlink from /var using
systemd-tmpfiles to work on rpm-ostree based distributions
- revert the breaking change (change of internal plugin IDs) of upstream v5.0.0,
i.e. there are no breaking changes when performing this upgrade
- enable Go modules in build process
- make vendor and webpack tarballs reproducible
- drop makefile in favor of create_bundles.sh script
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 9 (aarch64) | grafana-pcp-5.1.1-1.el9.src.rpm | 3e5efb1bc452a1815a2db2bde84c519c | - |
| grafana-pcp-5.1.1-1.el9.aarch64.rpm | f43d1e1e26d9af2bb5273c346cbed5dd | - |
|
| Oracle Linux 9 (x86_64) | grafana-pcp-5.1.1-1.el9.src.rpm | 3e5efb1bc452a1815a2db2bde84c519c | - |
| grafana-pcp-5.1.1-1.el9.x86_64.rpm | 73c03b5c016ce7660374913668484077 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
