pool/grafana
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 953107 from home:witekbedyk:branches:server:monitoring

Browse Source 
- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)
  + Security:
    * Fixes XSS vulnerability in handling data sources
      (bsc#1195726, CVE-2022-21702)
    * Fixes cross-origin request forgery vulnerability
      (bsc#1195727, CVE-2022-21703)
    * Fixes Insecure Direct Object Reference vulnerability in Teams
      API (bsc#1195728, CVE-2022-21713)

OBS-URL: https://build.opensuse.org/request/show/953107
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/grafana?expand=0&rev=68
This commit is contained in:
Stefano Torresi 2022-02-10 08:52:59 +00:00 committed by Git OBS Bridge
parent 85974d977e
commit 4e222aadc0
7 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_service
View File

@ -5,7 +5,7 @@
<param name="exclude">.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="revision">v8.3.4</param>
<param name="revision">v8.3.5</param>
<param name="changesgenerate">enable</param>
</service>
<service name="recompress" mode="disabled">

2
_servicedata
View File

@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/grafana/grafana</param>
<param name="changesrevision">a551d74b11dd89b512d642da5b620225a5d88cc9</param>
<param name="changesrevision">a53fcac7b1b7ebda8c0cb18f7ce92788af92fa32</param>
</service>
</servicedata>

3
grafana-8.3.4.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f7b7d1e9984d58e4d9814a79f741f95c854b6a4d5fdb1f965fe95aaa27ebcc2b
size 46200318

3
grafana-8.3.5.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:deac98bbcc68840e8262b36957b8aa47e755b339e699a28042931b4160865900
size 46195057

14
grafana.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Wed Feb 09 16:10:40 UTC 2022 - witold.bedyk@suse.com
- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422)
+ Security:
* Fixes XSS vulnerability in handling data sources
(bsc#1195726, CVE-2022-21702)
* Fixes cross-origin request forgery vulnerability
(bsc#1195727, CVE-2022-21703)
* Fixes Insecure Direct Object Reference vulnerability in Teams
API (bsc#1195728, CVE-2022-21713)
-------------------------------------------------------------------
Thu Jan 20 14:01:12 UTC 2022 - witold.bedyk@suse.com
@ -5,7 +17,7 @@ Thu Jan 20 14:01:12 UTC 2022 - witold.bedyk@suse.com
- Add build-time dependency on `wire`.
- Update license to GNU Affero General Public License v3.0.
- Update to version 8.3.4 (jsc#PM-3191)
- Update to version 8.3.4
+ Security:
* GetUserInfo: return an error if no user was found
(bsc#1194873, CVE-2022-21673)

2
grafana.spec
View File

@ -22,7 +22,7 @@
%endif
Name: grafana
Version: 8.3.4
Version: 8.3.5
Release: 0
Summary: The open-source platform for monitoring and observability
License: AGPL-3.0-only

4
vendor.tar.gz
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3064ce1cbf8699eb93ca7b2d38cddb6cf8cde132f03a52ac441af8d126e8f6b0
size 16948630
oid sha256:3953f42d39266b7d4056fceebd60ff64c877587322c40288ee4bcf7b6b371ce2
size 16947875