ELSA-2026-2920

ELSA-2026-2920 - grafana security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-02-18

Description


[10.2.6-17]
- Resolves RHEL-144959: CVE-2026-21721
- Resolves RHEL-146863: CVE-2025-61726
- Resolves RHEL-147081: CVE-2025-61729
- Resolves RHEL-147370: CVE-2025-61728
- Resolves RHEL-149621: CVE-2025-68121

[10.2.6-17]
- Resolves RHEL-125692: CVE-2025-58183
- Resolves RHEL-120426: Grafana-selinux prevents plugins from searching cgroups

[10.2.6-15]
- Resolves RHEL-97518: Rework grafana-selinux spec file sections
- Resolves RHEL-87861: Add additional SELinux rules for grafana-selinux package to allow LDAP connections

[10.2.6-13]
- Resolves RHEL-89953: CVE-2025-4123

[10.2.6-12]
- Resolves RHEL-85419: Move grafana home directory to /var/lib/grafana

[10.2.6-11]
- Resolves RHEL-84636: CVE-2025-30204

[10.2.6-10]
- Resolves RHEL-75919: grafana selinux issue with autofs_t

[10.2.6-9]
- Resolves RHEL-69939: allow mssql datasource in selinux policy

[10.2.6-8]
- Resolves RHEL-62312: CVE-2024-47875

[10.2.6-5]
- Resolves RHEL-47185


Related CVEs


CVE-2025-61726
CVE-2025-61728
CVE-2025-61729
CVE-2025-68121
CVE-2026-21721

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) grafana-10.2.6-18.el9_7.src.rpm4a2a2480d704275ea3a2a3321a889fc6306c1f8056a1e67519ff16b1341d4165-ol9_aarch64_appstream
grafana-10.2.6-18.el9_7.aarch64.rpm67c95f97a835c8ceec1bd11555e9e1cf99e52c287d50320a27be25b5e2bf9d56-ol9_aarch64_appstream
grafana-selinux-10.2.6-18.el9_7.aarch64.rpmb320915419634750fcd5cc57445f3bd3e7dd917522cd807713745cae9f3ded00-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) grafana-10.2.6-18.el9_7.src.rpm4a2a2480d704275ea3a2a3321a889fc6306c1f8056a1e67519ff16b1341d4165-ol9_x86_64_appstream
grafana-10.2.6-18.el9_7.x86_64.rpm723209922cb15217d78e90d0c14edef945e19fa3f8e4c15b370981d71652a00e-ol9_x86_64_appstream
grafana-selinux-10.2.6-18.el9_7.x86_64.rpmecf6750396ffa861ccbce79857a0160c514ae3147783246e267bb17a076e398a-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete