Issued:: 2024-10-28
Updated:: 2024-10-28

RHSA-2024:8507 - Security Advisory

Overview
Updated Packages

Synopsis

Important: grafana security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grafana is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

elliptic: Missing Validation in Elliptic's EDDSA Signature Verification (CVE-2024-48949)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2317724 - CVE-2024-48949 elliptic: Missing Validation in Elliptic's EDDSA Signature Verification

CVEs

CVE-2024-48949

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
grafana-6.3.6-6.el8_2.src.rpm	SHA-256: 7e96275133116f0b4bb4086a6a797755996fc895e781edb135fb2f91b61e9401
x86_64
grafana-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 3685326013cd9f62c1b2ebcb35170e6d6e7866561f2d657d4d5e0ac12c5e2a86
grafana-azure-monitor-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 0c421d986d2b56cf5ff825c38e6810fd91ca96a0e7e427d20e4d679b86be3c73
grafana-cloudwatch-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 5c09201e1045c982ef826dab5519658309c30edbb5ca026eebca424c27da0ef6
grafana-debuginfo-6.3.6-6.el8_2.x86_64.rpm	SHA-256: bc0a023c06633d5aea7182053c0aa8859cf1804774985ff6aed90350dadb6bb8
grafana-elasticsearch-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 0f6b09d90740d6572c101056567bb677f1a265fe174508d0b5505a19d28bf84f
grafana-graphite-6.3.6-6.el8_2.x86_64.rpm	SHA-256: d79db61e6e49046f64dd4d8c342d466ecf92ad0b621c2fe63dd140c0ec8bef05
grafana-influxdb-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 83b0829210c799797957f3856c37eb3afd49e9f4d31988a8c12a0775113f0f77
grafana-loki-6.3.6-6.el8_2.x86_64.rpm	SHA-256: ad4f6960db161cbda05f155f19d97e6349394939a333fc046449042cfcd4318a
grafana-mssql-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 0f1a4151292302eb7b1e38c7b0834a933d0a3a6532372507737689598763c412
grafana-mysql-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 2f39caf3edc041c2fa33e29fdc1f0326abe3750d846f715ee57ec6d248ffc273
grafana-opentsdb-6.3.6-6.el8_2.x86_64.rpm	SHA-256: ceb13dcf9393420f341148c868e09f2179122920b00f9863238e89be8eab5b63
grafana-postgres-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 5f09eb72c118c77793b2933d76dd58e6dfb829788a066afbaca247a817f131bb
grafana-prometheus-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 1aa40868c9259717b678155654b538cfbe598e7187aaf19e4424b6075f86959a
grafana-stackdriver-6.3.6-6.el8_2.x86_64.rpm	SHA-256: 08f65775ba00cea8dd555fb3a72d2f0189ee3a5509bb10d3a8e5964ec835d5ee

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation