grafana-9.0.9-2.el9 | Build Info

Information for build grafana-9.0.9-2.el9

24690

Package Name

grafana

Version

9.0.9

Release

2.el9

Epoch

Draft

False

Source

git+https://git.cclinux.org/stage/rpms/grafana.git#5493ccfbea2c8444137649a1c699b5a9a4f8acd3

Summary

Metrics dashboard and graph editor

Description

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Built by

distrobuild

State

complete

Volume

DEFAULT

Started

Sat, 20 May 2023 18:06:16 CST

Completed

Sat, 20 May 2023 18:19:56 CST

Task

build (dist-circle9, /stage/rpms/grafana.git:5493ccfbea2c8444137649a1c699b5a9a4f8acd3)

Extra

{'source': {'original_url': 'git+https://git.cclinux.org/stage/rpms/grafana.git?#5493ccfbea2c8444137649a1c699b5a9a4f8acd3'}}

Tags

dist-circle9

dist-circle9-compose

RPMs

src
	grafana-9.0.9-2.el9.src.rpm (info) (download)
aarch64
	grafana-9.0.9-2.el9.aarch64.rpm (info) (download)
	grafana-debuginfo-9.0.9-2.el9.aarch64.rpm (info) (download)
	grafana-debugsource-9.0.9-2.el9.aarch64.rpm (info) (download)
ppc64le
	grafana-9.0.9-2.el9.ppc64le.rpm (info) (download)
	grafana-debuginfo-9.0.9-2.el9.ppc64le.rpm (info) (download)
	grafana-debugsource-9.0.9-2.el9.ppc64le.rpm (info) (download)
s390x
	grafana-9.0.9-2.el9.s390x.rpm (info) (download)
	grafana-debuginfo-9.0.9-2.el9.s390x.rpm (info) (download)
	grafana-debugsource-9.0.9-2.el9.s390x.rpm (info) (download)
x86_64
	grafana-9.0.9-2.el9.x86_64.rpm (info) (download)
	grafana-debuginfo-9.0.9-2.el9.x86_64.rpm (info) (download)
	grafana-debugsource-9.0.9-2.el9.x86_64.rpm (info) (download)

Logs

aarch64
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
ppc64le
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
s390x
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log
x86_64
	build.log
	hw_info.log
	installed_pkgs.log
	mock_output.log
	root.log
	state.log

Changelog

* Tue Nov 01 2022 Stan Cox <scox@redhat.com> 9.0.9-2 - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in - resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws * Wed Sep 21 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.9-1 - update to 9.0.9 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2125530) * Tue Sep 20 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.8-2 - bump NVR * Thu Sep 15 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.8-1 - update to 9.0.8 tagged upstream community sources, see CHANGELOG - do not list /usr/share/grafana/conf twice - drop makefile in favor of create_bundles.sh script - sync provides/obsoletes with CentOS versions - drop husky patch * Thu Aug 11 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-3 - resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working - resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read - resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob - resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob - resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode - resolve CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip - resolve CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal * Tue Jul 26 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-2 - resolve CVE-2022-31107 grafana: OAuth account takeover * Fri Apr 22 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-1 - update to 7.5.15 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources - resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling - resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation - resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure - resolve CVE-2021-23648 sanitize-url: XSS - resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter - declare Node.js dependencies of subpackages - make vendor and webpack tarballs reproducible * Tue Jan 18 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-3 - use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens - update FIPS tests in check phase * Thu Dec 16 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-2 - resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache - resolve CVE-2021-43813 grafana: directory traversal vulnerability for *.md files * Mon Oct 11 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-1 - update to 7.5.11 tagged upstream community sources, see CHANGELOG - resolve CVE-2021-39226 * Thu Sep 30 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.10-1 - update to 7.5.10 tagged upstream community sources, see CHANGELOG * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 7.5.9-3 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Thu Jul 08 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.9-2 - remove unused dependency property-information - always include FIPS patch in SRPM * Fri Jun 25 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.9-1 - update to 7.5.9 tagged upstream community sources, see CHANGELOG * Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 7.5.8-2 - Rebuilt for RHEL 9 BETA for openssl 3.0 Related: rhbz#1971065 * Mon Jun 21 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.8-1 - update to 7.5.8 tagged upstream community sources, see CHANGELOG - remove unused dependencies selfsigned, http-signature and gofpdf * Fri Jun 11 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.7-2 - remove unused cryptographic implementations - use cryptographic functions from OpenSSL if FIPS mode is enabled * Tue May 25 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.7-1 - update to 7.5.7 tagged upstream community sources, see CHANGELOG * Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 7.3.6-4 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 7.3.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Fri Jan 22 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.6-2 - change working dir to $GRAFANA_HOME in grafana-cli wrapper (fixes Red Hat BZ #1916083) - add pcp-redis-datasource to allow_loading_unsigned_plugins config option * Mon Dec 21 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML (not supported in the open source version of Grafana) * Wed Nov 25 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.4-1 - update to 7.3.4 tagged upstream community sources, see CHANGELOG * Tue Nov 10 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.1-1 - update to 7.3.1 tagged upstream community sources, see CHANGELOG - optionally bundle node.js dependencies and build and test frontend as part of the specfile - change default provisioning path to /etc/grafana/provisioning (changed in version 7.1.1-1) - resolve https://bugzilla.redhat.com/show_bug.cgi?id=1843170

Main Site Links:

Information for build grafana-9.0.9-2.el9