[RLSA-2024:3265] grafana security update
Severity
Important
Affected Packages
4
CVEs
2
An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Grafana is an open source, feature rich metrics dashboard and graph editor for
Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)
grafana: vulnerable to authorization bypass (CVE-2024-1313)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/rockylinux/grafana?arch=x86_64&distro=rockylinux-8.10 | < 9.2.10-16.el8_10 |
pkg:rpm/rockylinux/grafana?arch=aarch64&distro=rockylinux-8.10 | < 9.2.10-16.el8_10 |
pkg:rpm/rockylinux/grafana-selinux?arch=x86_64&distro=rockylinux-8.10 | < 9.2.10-16.el8_10 |
pkg:rpm/rockylinux/grafana-selinux?arch=aarch64&distro=rockylinux-8.10 | < 9.2.10-16.el8_10 |
- ID
- RLSA-2024:3265
- Severity
- important
- URL
- https://errata.rockylinux.org/RLSA-2024:3265
- Published
-
2024-06-14T13:59:30
(3 months ago) - Modified
-
2024-06-14T14:02:38
(3 months ago) - Rights
- Copyright 2024 Rocky Enterprise Software Foundation
- Other Advisories
-
- ALSA-2024:1462
- ALSA-2024:1472
- ALSA-2024:1501
- ALSA-2024:1502
- ALSA-2024:1644
- ALSA-2024:1646
- ALSA-2024:2562
- ALSA-2024:2568
- ALSA-2024:2569
- ALSA-2024:3265
- ALSA-2024:4371
- ALSA-2024:4378
- ALSA-2024:4379
- ALSA-2024:4502
- ALSA-2024:4761
- ALSA-2024:4762
- ALSA-2024:5258
- ELSA-2024-1462
- ELSA-2024-1472
- ELSA-2024-1501
- ELSA-2024-1502
- ELSA-2024-1644
- ELSA-2024-1646
- ELSA-2024-2562
- ELSA-2024-2568
- ELSA-2024-2569
- ELSA-2024-3265
- ELSA-2024-4371
- ELSA-2024-4378
- ELSA-2024-4379
- ELSA-2024-4502
- ELSA-2024-4761
- ELSA-2024-4762
- ELSA-2024-5258
- GO-2024-2660
- GO-2024-2697
- RHSA-2024:1462
- RHSA-2024:1472
- RHSA-2024:1501
- RHSA-2024:1502
- RHSA-2024:1644
- RHSA-2024:1646
- RHSA-2024:2562
- RHSA-2024:2568
- RHSA-2024:2569
- RHSA-2024:3265
- RHSA-2024:4371
- RHSA-2024:4378
- RHSA-2024:4379
- RHSA-2024:4502
- RHSA-2024:4761
- RHSA-2024:4762
- RHSA-2024:5258
- RLSA-2024:1502
- RLSA-2024:1644
- RLSA-2024:1646
- RLSA-2024:2562
- RLSA-2024:2568
- RLSA-2024:2569
- RLSA-2024:4502
- SUSE-SU-2024:1508-1
- SUSE-SU-2024:1509-1
- SUSE-SU-2024:1530-1
- SUSE-SU-2024:1530-2
- SUSE-SU-2024:1814-1
- SUSE-SU-2024:1815-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2024-1313 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1313 | |
CVE | CVE-2024-1394 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 | |
Bugzilla | 2262921 | https://bugzilla.redhat.com/show_bug.cgi?id=2262921 | |
Bugzilla | 2271903 | https://bugzilla.redhat.com/show_bug.cgi?id=2271903 | |
Self | RLSA-2024:3265 | https://errata.rockylinux.org/RLSA-2024:3265 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/rockylinux/grafana?arch=x86_64&distro=rockylinux-8.10 | rockylinux | grafana | < 9.2.10-16.el8_10 | rockylinux-8.10 | x86_64 | |
Affected | pkg:rpm/rockylinux/grafana?arch=aarch64&distro=rockylinux-8.10 | rockylinux | grafana | < 9.2.10-16.el8_10 | rockylinux-8.10 | aarch64 | |
Affected | pkg:rpm/rockylinux/grafana-selinux?arch=x86_64&distro=rockylinux-8.10 | rockylinux | grafana-selinux | < 9.2.10-16.el8_10 | rockylinux-8.10 | x86_64 | |
Affected | pkg:rpm/rockylinux/grafana-selinux?arch=aarch64&distro=rockylinux-8.10 | rockylinux | grafana-selinux | < 9.2.10-16.el8_10 | rockylinux-8.10 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |