Stay Connected:

ELSA-2023-2177

ELSA-2023-2177 - grafana-pcp security and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2023-05-15

Description


[5.1.1-1]
- update to 5.1.1 tagged upstream community sources, see CHANGELOG
- resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY

[5.0.0-4]
- update to 5.0.0 tagged upstream community sources, see CHANGELOG
- install plugin in /usr/share and create symlink from /var using
systemd-tmpfiles to work on rpm-ostree based distributions
- revert the breaking change (change of internal plugin IDs) of upstream v5.0.0,
i.e. there are no breaking changes when performing this upgrade
- enable Go modules in build process
- make vendor and webpack tarballs reproducible
- drop makefile in favor of create_bundles.sh script


Related CVEs


CVE-2022-27664

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) grafana-pcp-5.1.1-1.el9.src.rpm5fe05ef107271fddf3d33c4ba2eb7f203b2463f4e6b461e0bdecd3b789118a4a-ol9_aarch64_appstream
grafana-pcp-5.1.1-1.el9.src.rpm5fe05ef107271fddf3d33c4ba2eb7f203b2463f4e6b461e0bdecd3b789118a4a-ol9_aarch64_appstream_developer
grafana-pcp-5.1.1-1.el9.aarch64.rpmfd31fffd5bd9ca8e0e7b13f737cda1805f6916fc37fd5df3a80894f6cab17d36-ol9_aarch64_appstream
grafana-pcp-5.1.1-1.el9.aarch64.rpmfd31fffd5bd9ca8e0e7b13f737cda1805f6916fc37fd5df3a80894f6cab17d36-ol9_aarch64_appstream_developer
Oracle Linux 9 (x86_64) grafana-pcp-5.1.1-1.el9.src.rpm5fe05ef107271fddf3d33c4ba2eb7f203b2463f4e6b461e0bdecd3b789118a4a-ol9_x86_64_appstream
grafana-pcp-5.1.1-1.el9.src.rpm5fe05ef107271fddf3d33c4ba2eb7f203b2463f4e6b461e0bdecd3b789118a4a-ol9_x86_64_appstream_developer
grafana-pcp-5.1.1-1.el9.x86_64.rpmae8d14b1cdae90caa0c7c965d36111e709b7b295023ffb09ee40350e8122795f-ol9_x86_64_appstream
grafana-pcp-5.1.1-1.el9.x86_64.rpmae8d14b1cdae90caa0c7c965d36111e709b7b295023ffb09ee40350e8122795f-ol9_x86_64_appstream_developer



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights