ELSA-2023-2167 -- Oracle grafanaID: oval:org.secpod.oval:def:1506648 | Date: (C)2023-07-21 (M)2024-02-26 |
Class: PATCH | Family: unix |
[9.0.9-2] - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in - resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws [9.0.9-1] - update to 9.0.9 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used [9.0.8-2] - bump NVR [9.0.8-1] - update to 9.0.8 tagged upstream community sources, see CHANGELOG - do not list /usr/share/grafana/conf twice - drop makefile in favor of create_bundles.sh script - sync provides/obsoletes with CentOS versions - drop husky patch