SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for grafana-9.0.9-1.fc37.x86_64.rpm :

* Wed Sep 21 2022 Andreas Gerstmayr 9.0.9-1- update to 9.0.9 tagged upstream community sources, see CHANGELOG- resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2128565)
* Thu Sep 15 2022 Andreas Gerstmayr 9.0.8-1- update to 9.0.8 tagged upstream community sources, see CHANGELOG- do not list /usr/share/grafana/conf twice- drop makefile in favor of create_bundles.sh script- sync provides/obsoletes with CentOS versions- drop husky patch
* Wed Jul 27 2022 Andreas Gerstmayr 9.0.5-1- update to 9.0.5 tagged upstream community sources, see CHANGELOG (rhbz#2107413)- run integration tests in check phase- remove conditional around go-rpm-macros- resolve CVE-2022-31107 grafana: OAuth account takeover (rhbz#2107435)- resolve CVE-2022-31097 grafana: stored XSS vulnerability (rhbz#2107436)
* Thu Jul 21 2022 Fedora Release Engineering - 9.0.2-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jul 14 2022 Andreas Gerstmayr 9.0.2-3- fix quoting in grafana-cli wrapper script (rhbz#2107046)
* Wed Jul 13 2022 Andreas Gerstmayr 9.0.2-2- use systemd-sysusers to create the Grafana user and group
* Thu Jul 07 2022 Andreas Gerstmayr 9.0.2-1- update to 9.0.2 tagged upstream community sources, see CHANGELOG
* Wed Jun 29 2022 Andreas Gerstmayr 8.5.6-1- update to 8.5.6 tagged upstream community sources, see CHANGELOG- updated license to AGPLv3- place commented sample config file in /etc/grafana/grafana.ini- enable Go modules in build process- adapt Node.js bundling to yarn v3 and Zero Install feature
* Sun Jun 19 2022 Robert-André Mauchin - 7.5.15-3- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629
* Mon Apr 11 2022 Andreas Gerstmayr 7.5.15-2- use clamp-mtime when generating the vendor and webpack tarballs, to preserve past timestamps but still keep reproducibility- round tarball mtime timestamp to midnight, to match SOURCE_DATE_EPOCH
* Fri Apr 08 2022 Andreas Gerstmayr 7.5.15-1- update to 7.5.15 tagged upstream community sources, see CHANGELOG- resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources- resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling- resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation- resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure- resolve CVE-2021-23648 sanitize-url: XSS- resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter- declare Node.js dependencies of subpackages- make vendor and webpack tarballs reproducible
* Fri Jan 28 2022 Andreas Gerstmayr 7.5.13-1- update to 7.5.13 tagged upstream community sources, see CHANGELOG- support Go 1.18
* Thu Jan 20 2022 Fedora Release Engineering - 7.5.11-4- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Jan 18 2022 Andreas Gerstmayr 7.5.11-3- use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens- update FIPS tests in check phase
* Thu Dec 16 2021 Andreas Gerstmayr 7.5.11-2- resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache- resolve CVE-2021-43813 grafana: directory traversal vulnerability for
*.md files
* Mon Oct 11 2021 Andreas Gerstmayr 7.5.11-1- update to 7.5.11 tagged upstream community sources, see CHANGELOG- resolve CVE-2021-39226
* Thu Sep 30 2021 Andreas Gerstmayr 7.5.10-1- update to 7.5.10 tagged upstream community sources, see CHANGELOG
* Mon Aug 16 2021 Andreas Gerstmayr 7.5.9-4- rebuild to resolve CVE-2021-34558
* Thu Jul 22 2021 Fedora Release Engineering - 7.5.9-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Jul 08 2021 Andreas Gerstmayr 7.5.9-2- remove unused dependency property-information- always include FIPS patch in SRPM
* Fri Jun 25 2021 Andreas Gerstmayr 7.5.9-1- update to 7.5.9 tagged upstream community sources, see CHANGELOG
* Mon Jun 21 2021 Andreas Gerstmayr 7.5.8-1- update to 7.5.8 tagged upstream community sources, see CHANGELOG- remove unused dependencies selfsigned, http-signature and gofpdf
* Fri Jun 11 2021 Andreas Gerstmayr 7.5.7-2- remove unused cryptographic implementations- use cryptographic functions from OpenSSL if FIPS mode is enabled
* Tue May 25 2021 Andreas Gerstmayr 7.5.7-1- update to 7.5.7 tagged upstream community sources, see CHANGELOG
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 7.3.6-4- Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583.
* Tue Jan 26 2021 Fedora Release Engineering - 7.3.6-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 22 2021 Andreas Gerstmayr 7.3.6-2- change working dir to $GRAFANA_HOME in grafana-cli wrapper (fixes Red Hat BZ #1916083)- add pcp-redis-datasource to allow_loading_unsigned_plugins config option
* Mon Dec 21 2020 Andreas Gerstmayr 7.3.6-1- update to 7.3.6 tagged upstream community sources, see CHANGELOG- remove dependency on SAML (not supported in the open source version of Grafana)
* Wed Nov 25 2020 Andreas Gerstmayr 7.3.4-1- update to 7.3.4 tagged upstream community sources, see CHANGELOG
* Tue Nov 10 2020 Andreas Gerstmayr 7.3.1-1- update to 7.3.1 tagged upstream community sources, see CHANGELOG- optionally bundle node.js dependencies and build and test frontend as part of the specfile- change default provisioning path to /etc/grafana/provisioning (changed in version 7.1.1-1)- resolve https://bugzilla.redhat.com/show_bug.cgi?id=1843170
  
ICM