Issued:: 2025-06-23
Updated:: 2025-06-23

RHSA-2025:9311 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: grafana security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grafana is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2358493 - CVE-2025-22871 net/http: Request smuggling due to acceptance of invalid chunked data in net/http

CVEs

CVE-2025-22871

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
grafana-6.3.6-8.el8_2.src.rpm	SHA-256: 3abdabbccbd3f858697b4198cb4a0bd1c7328170cf80a019599ffb1e5ee44a83
x86_64
grafana-6.3.6-8.el8_2.x86_64.rpm	SHA-256: f852bbd93e24d8615812e75b58663fd580f375e789bd807cfcb46bf7d8f7d641
grafana-azure-monitor-6.3.6-8.el8_2.x86_64.rpm	SHA-256: d5bdc0e37fca989cc1a07fd5a9b8efdcf6990d3c85ef87d486d5521f5beb6f53
grafana-cloudwatch-6.3.6-8.el8_2.x86_64.rpm	SHA-256: aa990ccd5ee3d5935cebb266e77d610d5f02db9e84f65cfd52294de59bb781f4
grafana-debuginfo-6.3.6-8.el8_2.x86_64.rpm	SHA-256: 26429fde8ae4ed3360f14a61923055cea0bb8de3f840a20e531025db01a2e538
grafana-elasticsearch-6.3.6-8.el8_2.x86_64.rpm	SHA-256: 9ead0a49903acc45dcdfd3f8535df7b4c17c21b4e678fcc46f7548b5a869deb5
grafana-graphite-6.3.6-8.el8_2.x86_64.rpm	SHA-256: a642b3e01a29d02d654d4d276851b6fa561eb2d69664dd9822e36bd1fec89e4c
grafana-influxdb-6.3.6-8.el8_2.x86_64.rpm	SHA-256: bd89ee3a74aafb19c07b94742abd2db4ac6e51573f2e3c55b14ddd6c75af528d
grafana-loki-6.3.6-8.el8_2.x86_64.rpm	SHA-256: 98204dcb62f4ed2685055c0632553a127cbe290dae7cc03d2a5c16dc4e4b9379
grafana-mssql-6.3.6-8.el8_2.x86_64.rpm	SHA-256: ab3a2f56123e89cfd972c8fb2e28f6cd922a265b0cc6306773c72e5942760791
grafana-mysql-6.3.6-8.el8_2.x86_64.rpm	SHA-256: c600ee05bf2512992a65a255c55b9596929b06682397de37a1f933b5f30403b2
grafana-opentsdb-6.3.6-8.el8_2.x86_64.rpm	SHA-256: 3dd7b70960e4754f41f62528486b131cb6a4447140b672aec234fa3ae1f59ecf
grafana-postgres-6.3.6-8.el8_2.x86_64.rpm	SHA-256: 970bd2dae31a736039823997e1793ffafca53a0909cd159142b84d5187d431f1
grafana-prometheus-6.3.6-8.el8_2.x86_64.rpm	SHA-256: 079342ce0c4ea52137fcb09bb704577cfbf5c043113dc6731426ac2a31565781
grafana-stackdriver-6.3.6-8.el8_2.x86_64.rpm	SHA-256: cb03c6a4028796d140165a6cfd2cba92242a445e00815518e4433ad661b5eb30

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation