Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:0002: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Red Hat Customer Portal

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-01-03

Updated:

2022-01-03

RHSA-2022:0002 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: grafana security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grafana is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

  • golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

x86_64

grafana-7.3.6-4.el8_4.x86_64.rpm

SHA-256: 26cef130c6efd76bac387a39a02f7ddae0d49ced0cb6550adba5dc1c2da5c170

grafana-debuginfo-7.3.6-4.el8_4.x86_64.rpm

SHA-256: f41cd44bad47a6850a534629c1c6d53e7453b63ec063d4a77be4b313c0e1dc36

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

x86_64

grafana-7.3.6-4.el8_4.x86_64.rpm

SHA-256: 26cef130c6efd76bac387a39a02f7ddae0d49ced0cb6550adba5dc1c2da5c170

grafana-debuginfo-7.3.6-4.el8_4.x86_64.rpm

SHA-256: f41cd44bad47a6850a534629c1c6d53e7453b63ec063d4a77be4b313c0e1dc36

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

s390x

grafana-7.3.6-4.el8_4.s390x.rpm

SHA-256: 3e03a9a453d4ffc48011d4b327f81ce45d3310436da64797169f0b849a943669

grafana-debuginfo-7.3.6-4.el8_4.s390x.rpm

SHA-256: 2a883524a678628f3e585c6fd58068aa7a75ce18d3cb15b4d9aeffb21271537e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

ppc64le

grafana-7.3.6-4.el8_4.ppc64le.rpm

SHA-256: 8c824327c67bc7a3dd84d379694319abf62b97b4df603e25b4311fd46cd6b16c

grafana-debuginfo-7.3.6-4.el8_4.ppc64le.rpm

SHA-256: c6e6f228c38ae32e64d14bc5250552011e24760e2abcbbab8d73eab939afeea3

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

x86_64

grafana-7.3.6-4.el8_4.x86_64.rpm

SHA-256: 26cef130c6efd76bac387a39a02f7ddae0d49ced0cb6550adba5dc1c2da5c170

grafana-debuginfo-7.3.6-4.el8_4.x86_64.rpm

SHA-256: f41cd44bad47a6850a534629c1c6d53e7453b63ec063d4a77be4b313c0e1dc36

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

aarch64

grafana-7.3.6-4.el8_4.aarch64.rpm

SHA-256: a09306e0c06d48036cba82100a526cda1fc41e1c2077576c152e1d6b6bef9d79

grafana-debuginfo-7.3.6-4.el8_4.aarch64.rpm

SHA-256: 490216f4fedacd55b7e367e1136f5a0008f3be9572e179835ff321e593f9057c

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

ppc64le

grafana-7.3.6-4.el8_4.ppc64le.rpm

SHA-256: 8c824327c67bc7a3dd84d379694319abf62b97b4df603e25b4311fd46cd6b16c

grafana-debuginfo-7.3.6-4.el8_4.ppc64le.rpm

SHA-256: c6e6f228c38ae32e64d14bc5250552011e24760e2abcbbab8d73eab939afeea3

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

SRPM

grafana-7.3.6-4.el8_4.src.rpm

SHA-256: 0c7797071ba324e225484d51edf9383a8fa8113479f1efa66ab9158f979f46a2

x86_64

grafana-7.3.6-4.el8_4.x86_64.rpm

SHA-256: 26cef130c6efd76bac387a39a02f7ddae0d49ced0cb6550adba5dc1c2da5c170

grafana-debuginfo-7.3.6-4.el8_4.x86_64.rpm

SHA-256: f41cd44bad47a6850a534629c1c6d53e7453b63ec063d4a77be4b313c0e1dc36

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data