红帽产品勘误 RHSA-2026:11711 - Security Advisory
发布:
2026-04-29
已更新:
2026-04-29

RHSA-2026:11711 - Security Advisory

概述

Important: grafana security update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for grafana is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

  • golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
  • crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x

修复

  • BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

Red Hat Enterprise Linux for x86_64 9

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
x86_64
grafana-10.2.6-21.el9_7.x86_64.rpm SHA-256: cec3df5cb7eb6becd9494815faea4f03097fc41ba4347fdbcaa74c3cd06c6dfe
grafana-debuginfo-10.2.6-21.el9_7.x86_64.rpm SHA-256: 45e348750667625a9ea7ebfd1e0cdbd83dcd870bdfdf621adf8db8abcbab47b2
grafana-debugsource-10.2.6-21.el9_7.x86_64.rpm SHA-256: 3c824ba65eb1e733a85057aa3e30d798c8cb8532a55ad5b65bfe7a6351761e6c
grafana-selinux-10.2.6-21.el9_7.x86_64.rpm SHA-256: 6ca775d9d3268aa248a593d9d60cf2ee721eaf89cd29dfa0d36eeb4f8dccf5bd

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
x86_64
grafana-10.2.6-21.el9_7.x86_64.rpm SHA-256: cec3df5cb7eb6becd9494815faea4f03097fc41ba4347fdbcaa74c3cd06c6dfe
grafana-debuginfo-10.2.6-21.el9_7.x86_64.rpm SHA-256: 45e348750667625a9ea7ebfd1e0cdbd83dcd870bdfdf621adf8db8abcbab47b2
grafana-debugsource-10.2.6-21.el9_7.x86_64.rpm SHA-256: 3c824ba65eb1e733a85057aa3e30d798c8cb8532a55ad5b65bfe7a6351761e6c
grafana-selinux-10.2.6-21.el9_7.x86_64.rpm SHA-256: 6ca775d9d3268aa248a593d9d60cf2ee721eaf89cd29dfa0d36eeb4f8dccf5bd

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
s390x
grafana-10.2.6-21.el9_7.s390x.rpm SHA-256: 5cdd3153bc65e50abc2ad6d0912b79c2736267f20fd5252a2f085944e1ca3209
grafana-debuginfo-10.2.6-21.el9_7.s390x.rpm SHA-256: 5248da63a83b679b68557f9602adcb50d96cc157123b625dd0bc7f754bfcc3de
grafana-debugsource-10.2.6-21.el9_7.s390x.rpm SHA-256: 8056b640e4a3a58f9f077ecc5b6121d64ada4c1b3645f877da9f2e454fd92a79
grafana-selinux-10.2.6-21.el9_7.s390x.rpm SHA-256: 7824b66c147e6013cdc546e2349b92e3b7168d36a51c3bd1108c437e0e65970f

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
s390x
grafana-10.2.6-21.el9_7.s390x.rpm SHA-256: 5cdd3153bc65e50abc2ad6d0912b79c2736267f20fd5252a2f085944e1ca3209
grafana-debuginfo-10.2.6-21.el9_7.s390x.rpm SHA-256: 5248da63a83b679b68557f9602adcb50d96cc157123b625dd0bc7f754bfcc3de
grafana-debugsource-10.2.6-21.el9_7.s390x.rpm SHA-256: 8056b640e4a3a58f9f077ecc5b6121d64ada4c1b3645f877da9f2e454fd92a79
grafana-selinux-10.2.6-21.el9_7.s390x.rpm SHA-256: 7824b66c147e6013cdc546e2349b92e3b7168d36a51c3bd1108c437e0e65970f

Red Hat Enterprise Linux for Power, little endian 9

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
ppc64le
grafana-10.2.6-21.el9_7.ppc64le.rpm SHA-256: c0265603e7e9143a7d997eccaecbf62287ca9bb1c242027d5937d2ce256ea3b8
grafana-debuginfo-10.2.6-21.el9_7.ppc64le.rpm SHA-256: ae55fba9df4e9c3477d25fe56d8b946f30aa9d0b561d29c264e65060a66cc382
grafana-debugsource-10.2.6-21.el9_7.ppc64le.rpm SHA-256: f65db182298ca8e62db77a03b61775821d851306d9dbd0dcc6d9b4a09be0c821
grafana-selinux-10.2.6-21.el9_7.ppc64le.rpm SHA-256: 28ba1de638a1003c22a3b7f005f4293bac0047039708f3c5ffda84b1975d65f7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
ppc64le
grafana-10.2.6-21.el9_7.ppc64le.rpm SHA-256: c0265603e7e9143a7d997eccaecbf62287ca9bb1c242027d5937d2ce256ea3b8
grafana-debuginfo-10.2.6-21.el9_7.ppc64le.rpm SHA-256: ae55fba9df4e9c3477d25fe56d8b946f30aa9d0b561d29c264e65060a66cc382
grafana-debugsource-10.2.6-21.el9_7.ppc64le.rpm SHA-256: f65db182298ca8e62db77a03b61775821d851306d9dbd0dcc6d9b4a09be0c821
grafana-selinux-10.2.6-21.el9_7.ppc64le.rpm SHA-256: 28ba1de638a1003c22a3b7f005f4293bac0047039708f3c5ffda84b1975d65f7

Red Hat Enterprise Linux for ARM 64 9

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
aarch64
grafana-10.2.6-21.el9_7.aarch64.rpm SHA-256: d11f4a5dcbb1628da2f0c03c3776ffd406c1843f20942c9a0df7ef2e360b0dfa
grafana-debuginfo-10.2.6-21.el9_7.aarch64.rpm SHA-256: 0f31095dfb0c37364bb5a1f12a1f04879befc34f60ab34f03d28122dd25a3909
grafana-debugsource-10.2.6-21.el9_7.aarch64.rpm SHA-256: 6d5a1a2b4b57978576fb5d680d39df8b33994275096fd46292c3bd39a9f3f895
grafana-selinux-10.2.6-21.el9_7.aarch64.rpm SHA-256: a896070f06dd79d10bd15b64f7ec78f98746c7a368cf8c21284406367852b07d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
aarch64
grafana-10.2.6-21.el9_7.aarch64.rpm SHA-256: d11f4a5dcbb1628da2f0c03c3776ffd406c1843f20942c9a0df7ef2e360b0dfa
grafana-debuginfo-10.2.6-21.el9_7.aarch64.rpm SHA-256: 0f31095dfb0c37364bb5a1f12a1f04879befc34f60ab34f03d28122dd25a3909
grafana-debugsource-10.2.6-21.el9_7.aarch64.rpm SHA-256: 6d5a1a2b4b57978576fb5d680d39df8b33994275096fd46292c3bd39a9f3f895
grafana-selinux-10.2.6-21.el9_7.aarch64.rpm SHA-256: a896070f06dd79d10bd15b64f7ec78f98746c7a368cf8c21284406367852b07d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
ppc64le
grafana-10.2.6-21.el9_7.ppc64le.rpm SHA-256: c0265603e7e9143a7d997eccaecbf62287ca9bb1c242027d5937d2ce256ea3b8
grafana-debuginfo-10.2.6-21.el9_7.ppc64le.rpm SHA-256: ae55fba9df4e9c3477d25fe56d8b946f30aa9d0b561d29c264e65060a66cc382
grafana-debugsource-10.2.6-21.el9_7.ppc64le.rpm SHA-256: f65db182298ca8e62db77a03b61775821d851306d9dbd0dcc6d9b4a09be0c821
grafana-selinux-10.2.6-21.el9_7.ppc64le.rpm SHA-256: 28ba1de638a1003c22a3b7f005f4293bac0047039708f3c5ffda84b1975d65f7

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
x86_64
grafana-10.2.6-21.el9_7.x86_64.rpm SHA-256: cec3df5cb7eb6becd9494815faea4f03097fc41ba4347fdbcaa74c3cd06c6dfe
grafana-debuginfo-10.2.6-21.el9_7.x86_64.rpm SHA-256: 45e348750667625a9ea7ebfd1e0cdbd83dcd870bdfdf621adf8db8abcbab47b2
grafana-debugsource-10.2.6-21.el9_7.x86_64.rpm SHA-256: 3c824ba65eb1e733a85057aa3e30d798c8cb8532a55ad5b65bfe7a6351761e6c
grafana-selinux-10.2.6-21.el9_7.x86_64.rpm SHA-256: 6ca775d9d3268aa248a593d9d60cf2ee721eaf89cd29dfa0d36eeb4f8dccf5bd

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
aarch64
grafana-10.2.6-21.el9_7.aarch64.rpm SHA-256: d11f4a5dcbb1628da2f0c03c3776ffd406c1843f20942c9a0df7ef2e360b0dfa
grafana-debuginfo-10.2.6-21.el9_7.aarch64.rpm SHA-256: 0f31095dfb0c37364bb5a1f12a1f04879befc34f60ab34f03d28122dd25a3909
grafana-debugsource-10.2.6-21.el9_7.aarch64.rpm SHA-256: 6d5a1a2b4b57978576fb5d680d39df8b33994275096fd46292c3bd39a9f3f895
grafana-selinux-10.2.6-21.el9_7.aarch64.rpm SHA-256: a896070f06dd79d10bd15b64f7ec78f98746c7a368cf8c21284406367852b07d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
s390x
grafana-10.2.6-21.el9_7.s390x.rpm SHA-256: 5cdd3153bc65e50abc2ad6d0912b79c2736267f20fd5252a2f085944e1ca3209
grafana-debuginfo-10.2.6-21.el9_7.s390x.rpm SHA-256: 5248da63a83b679b68557f9602adcb50d96cc157123b625dd0bc7f754bfcc3de
grafana-debugsource-10.2.6-21.el9_7.s390x.rpm SHA-256: 8056b640e4a3a58f9f077ecc5b6121d64ada4c1b3645f877da9f2e454fd92a79
grafana-selinux-10.2.6-21.el9_7.s390x.rpm SHA-256: 7824b66c147e6013cdc546e2349b92e3b7168d36a51c3bd1108c437e0e65970f

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
x86_64
grafana-10.2.6-21.el9_7.x86_64.rpm SHA-256: cec3df5cb7eb6becd9494815faea4f03097fc41ba4347fdbcaa74c3cd06c6dfe
grafana-debuginfo-10.2.6-21.el9_7.x86_64.rpm SHA-256: 45e348750667625a9ea7ebfd1e0cdbd83dcd870bdfdf621adf8db8abcbab47b2
grafana-debugsource-10.2.6-21.el9_7.x86_64.rpm SHA-256: 3c824ba65eb1e733a85057aa3e30d798c8cb8532a55ad5b65bfe7a6351761e6c
grafana-selinux-10.2.6-21.el9_7.x86_64.rpm SHA-256: 6ca775d9d3268aa248a593d9d60cf2ee721eaf89cd29dfa0d36eeb4f8dccf5bd

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
aarch64
grafana-10.2.6-21.el9_7.aarch64.rpm SHA-256: d11f4a5dcbb1628da2f0c03c3776ffd406c1843f20942c9a0df7ef2e360b0dfa
grafana-debuginfo-10.2.6-21.el9_7.aarch64.rpm SHA-256: 0f31095dfb0c37364bb5a1f12a1f04879befc34f60ab34f03d28122dd25a3909
grafana-debugsource-10.2.6-21.el9_7.aarch64.rpm SHA-256: 6d5a1a2b4b57978576fb5d680d39df8b33994275096fd46292c3bd39a9f3f895
grafana-selinux-10.2.6-21.el9_7.aarch64.rpm SHA-256: a896070f06dd79d10bd15b64f7ec78f98746c7a368cf8c21284406367852b07d

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
ppc64le
grafana-10.2.6-21.el9_7.ppc64le.rpm SHA-256: c0265603e7e9143a7d997eccaecbf62287ca9bb1c242027d5937d2ce256ea3b8
grafana-debuginfo-10.2.6-21.el9_7.ppc64le.rpm SHA-256: ae55fba9df4e9c3477d25fe56d8b946f30aa9d0b561d29c264e65060a66cc382
grafana-debugsource-10.2.6-21.el9_7.ppc64le.rpm SHA-256: f65db182298ca8e62db77a03b61775821d851306d9dbd0dcc6d9b4a09be0c821
grafana-selinux-10.2.6-21.el9_7.ppc64le.rpm SHA-256: 28ba1de638a1003c22a3b7f005f4293bac0047039708f3c5ffda84b1975d65f7

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8

SRPM
grafana-10.2.6-21.el9_7.src.rpm SHA-256: b23217b2182d1229f7c12beab098d797bb53c55bf6ecfd40fcc4f45739bcaf80
s390x
grafana-10.2.6-21.el9_7.s390x.rpm SHA-256: 5cdd3153bc65e50abc2ad6d0912b79c2736267f20fd5252a2f085944e1ca3209
grafana-debuginfo-10.2.6-21.el9_7.s390x.rpm SHA-256: 5248da63a83b679b68557f9602adcb50d96cc157123b625dd0bc7f754bfcc3de
grafana-debugsource-10.2.6-21.el9_7.s390x.rpm SHA-256: 8056b640e4a3a58f9f077ecc5b6121d64ada4c1b3645f877da9f2e454fd92a79
grafana-selinux-10.2.6-21.el9_7.s390x.rpm SHA-256: 7824b66c147e6013cdc546e2349b92e3b7168d36a51c3bd1108c437e0e65970f

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/