Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

grafana-selinux-9.2.10-18.el8_10 RPM for x86_64

From AlmaLinux 8.10 AppStream for x86_64

Name: grafana-selinux Distribution: AlmaLinux
Version: 9.2.10 Vendor: AlmaLinux
Release: 18.el8_10 Build date: Tue Oct 1 14:49:30 2024
Group: Unspecified Build host: x64-builder02.almalinux.org
Size: 485126 Source RPM: grafana-9.2.10-18.el8_10.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://grafana.org
Summary: SELinux policy module supporting grafana
SELinux policy module supporting grafana

Provides

Requires

License

AGPLv3

Changelog

* Mon Jul 22 2024 Lauren Chilton <lchilton@redhat.com> 9.2.10-18
  - Resolves RHEL-47191
* Wed Jun 26 2024 Sam Feifer <sfeifer@redhat.com> 9.2.10-17
  - Allow for mssql datasource in selinux policy
  - Resolves RHEL-43435
* Fri Apr 05 2024 Sam Feifer <sfeifer@redhat.com> 9.2.10-16
  - Check OrdID is correct before deleting snapshot
  - fix CVE-2024-1313
  - fix CVE-2024-1394
* Wed Jan 31 2024 Sam Feifer <sfeifer@redhat.com> 9.2.10-15
  - Resolves RHEL-23466
  - Resolves RHEL-21027
  - Allows for gid to be 0
  - Allows for postgreSQL datasource in selinux policy
* Mon Dec 18 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-14
  - Resolves RHEL-19596
  - Fixes coredump issue introduced by selinux
  - Patches out call to panic when trying to walk "/" directory
  - Fixes postgresql AVC denial
* Fri Dec 01 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-12
  - Resolves RHEL-7503
  - Adds a selinux policy for grafana
  - Resolves RHEL-12650
  - fix CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work
* Fri Jul 21 2023 Stan Cox <scox@redhat.com> 9.2.10-6
  - Add /usr/share/grafana to systemd-sysusers --replace
* Thu Jul 20 2023 Stan Cox <scox@redhat.com> 9.2.10-5
  - resolve CVE-2023-3128 grafana: account takeover possible when using Azure AD OAuth
* Thu Jun 08 2023 Stan Cox <scox@redhat.com> 9.2.10-4
  - bumps exporter-toolkit to v0.7.3, sanitize-url@npm to 6.0.2, skip problematic s390 tests.
* Thu May 25 2023 Stan Cox <scox@redhat.com> 9.2.10-3
  - Use systemd-sysusers --replace
* Tue May 23 2023 Jan Kurik <jkurik@redhat.com> 9.2.10-2
  - Use systemd-sysusers instead of sysusers_create_compat, which is not available in RHEL-8
* Thu May 04 2023 Stan Cox <scox@redhat.com> 9.2.10-1
  - Update to 9.2.10
* Mon Oct 31 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-4
  - resolve CVE-2022-39229 grafana: using email as a username can block other users from signing in
  - resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
  - resolve CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
  - resolve CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
  - run integration tests in check phase
  - update FIPS patch with latest changes in Go packaging
* Wed Aug 10 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-3
  - resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
  - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
  - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
  - resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
  - resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
  - resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
  - resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
  - resolve CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
  - resolve CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
* Wed Jul 20 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-2
  - resolve CVE-2022-31107 grafana: OAuth account takeover
* Fri Apr 22 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-1
  - update to 7.5.15 tagged upstream community sources, see CHANGELOG
  - resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
  - resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
  - resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
  - resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
  - resolve CVE-2021-23648 sanitize-url: XSS
  - resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
  - declare Node.js dependencies of subpackages
  - make vendor and webpack tarballs reproducible
* Thu Dec 16 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-2
  - resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
  - resolve CVE-2021-43813 grafana: directory traversal vulnerability for *.md files
* Mon Oct 11 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-1
  - update to 7.5.11 tagged upstream community sources, see CHANGELOG
  - resolve CVE-2021-39226
* Thu Sep 30 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.10-1
  - update to 7.5.10 tagged upstream community sources, see CHANGELOG
* Mon Aug 16 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.9-3
  - rebuild to resolve CVE-2021-34558
* Thu Jul 08 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.9-2
  - remove unused dependency property-information
  - always include FIPS patch in SRPM
* Fri Jun 25 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.9-1
  - update to 7.5.9 tagged upstream community sources, see CHANGELOG
* Mon Jun 21 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.8-1
  - update to 7.5.8 tagged upstream community sources, see CHANGELOG
  - remove unused dependencies selfsigned, http-signature and gofpdf
* Fri Jun 11 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.7-2
  - remove unused cryptographic implementations
  - use cryptographic functions from OpenSSL if FIPS mode is enabled
* Tue May 25 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.7-1
  - update to 7.5.7 tagged upstream community sources, see CHANGELOG
* Fri Jan 22 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.6-2
  - change working dir to $GRAFANA_HOME in grafana-cli wrapper (fixes Red Hat BZ #1916083)
  - add pcp-redis-datasource to allow_loading_unsigned_plugins config option
* Mon Dec 21 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.6-1
  - update to 7.3.6 tagged upstream community sources, see CHANGELOG
  - remove dependency on SAML (not supported in the open source version of Grafana)
* Wed Nov 25 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 7.3.4-1
  - update to 7.3.4 tagged upstream community sources, see CHANGELOG
  - bundle golang dependencies
  - optionally bundle node.js dependencies and build and test frontend as part of the specfile
  - merge all datasources into main grafana package
  - change default provisioning path to /etc/grafana/provisioning
  - resolve https://bugzilla.redhat.com/show_bug.cgi?id=1843170
* Thu Aug 20 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 6.7.4-3
  - apply patch for CVE-2020-13430 also to sources, not only to compiled webpack
* Wed Aug 19 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 6.7.4-2
  - security fix for CVE-2020-13430
* Fri Jun 05 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 6.7.4-1
  - update to 6.7.4 tagged upstream community sources, see CHANGELOG
  - security fix for CVE-2020-13379
* Tue Apr 28 2020 Andreas Gerstmayr <agerstmayr@redhat.com> 6.7.3-1
  - update to 6.7.3 tagged upstream community sources, see CHANGELOG
  - add scripts to list Go dependencies and bundled npmjs dependencies
  - set Grafana version in Grafana UI and grafana-cli --version
  - declare README.md as documentation of datasource plugins
  - create grafana.db on first installation (fixes RH BZ #1805472)
  - change permissions of /var/lib/grafana to 750 (CVE-2020-12458)
  - change permissions of /var/lib/grafana/grafana.db to 640 and
    user/group grafana:grafana (CVE-2020-12458)
  - change permissions of grafana.ini and ldap.toml to 640 (CVE-2020-12459)
* Wed Feb 26 2020 Mark Goodwin <mgoodwin@redhat.com> 6.6.2-1
  - added patch0 to set the version string correctly
  - removed patch 004-xerrors.patch, it's now upstream
  - added several patches for golang vendored vrs build dep differences
  - added patch to move grafana-cli binary to libexec dir
  - update to 6.6.2 tagged upstream community sources, see CHANGELOG
* Wed Nov 20 2019 Mark Goodwin <mgoodwin@redhat.com> 6.3.6-1
  - add weak depenency on grafana-pcp
  - add patch to mute shellcheck SC1090 for grafana-cli
  - update to 6.3.6 upstream community sources, see CHANGELOG
* Thu Sep 05 2019 Mark Goodwin <mgoodwin@redhat.com> 6.3.5-1
  - drop uaparser patch now it's upstream
  - add xerrors patch, see https://github.com/golang/go/issues/32246
  - use vendor sources on rawhide until modules are fully supported
  - update to latest upstream community sources, see CHANGELOG
* Fri Aug 30 2019 Mark Goodwin <mgoodwin@redhat.com> 6.3.4-1
  - include fix for CVE-2019-15043
  - add patch for uaparser on 32bit systems
  - update to latest upstream community sources, see CHANGELOG
* Wed Jul 31 2019 Mark Goodwin <mgoodwin@redhat.com> 6.2.5-1
  - update to latest upstream community sources, see CHANGELOG
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 6.2.2-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Jun 07 2019 Mark Goodwin <mgoodwin@redhat.com> 6.2.2-1
  - split out some datasource plugins to sub-packages
  - update to latest upstream community sources, see CHANGELOG
* Wed Jun 05 2019 Mark Goodwin <mgoodwin@redhat.com> 6.2.1-1
  - update to latest upstream community sources, see CHANGELOG
* Fri May 24 2019 Mark Goodwin <mgoodwin@redhat.com> 6.2.0-1
  - update to latest upstream community sources
  - drop a couple of patches
* Wed May 08 2019 Mark Goodwin <mgoodwin@redhat.com> 6.1.6-2
  - add conditional unbundle_vendor_sources macro
* Tue Apr 30 2019 Mark Goodwin <mgoodwin@redhat.com> 6.1.6-1
  - update to latest upstream stable release 6.1.6, see CHANGELOG
  - includes jQuery 3.4.0 security update
* Wed Apr 24 2019 Mark Goodwin <mgoodwin@redhat.com> 6.1.4-1
  - update to latest upstream stable release 6.1.4, see CHANGELOG
  - use gobuild and gochecks macros, eliminate arch symlinks
  - re-enable grafana-debugsource package
  - fix GRAFANA_GROUP typo
  - fix more modes for brp-mangle-shebangs
  - vendor source unbundling now done in prep after patches
  - remove all rhel and fedora conditional guff
* Tue Apr 16 2019 Mark Goodwin <mgoodwin@redhat.com> 6.1.3-1
  - update to latest upstream stable release 6.1.3, see CHANGELOG
  - unbundle all vendor sources, replace with BuildRequires, see
    the long list of blocker BZs linked to BZ#1670656
  - BuildRequires go-plugin >= v1.0.0 for grpc_broker (thanks eclipseo)
  - tweak make_webpack to no longer use grunt, switch to prod build
  - add ExclusiveArch lua script (thanks quantum.analyst)
  - move db directory and plugins to /var/lib/grafana
  - split out into 6 patches, ready for upstream PRs
  - add check to run go tests for gating checks
* Thu Apr 04 2019 Mark Goodwin <mgoodwin@redhat.com> 6.1.0-1
  - update to latest upstream stable release 6.1.0, see CHANGELOG
* Thu Mar 21 2019 Mark Goodwin <mgoodwin@redhat.com> 6.0.2-1
  - bump to latest upstream stable release 6.0.2-1
  - unbundle almost all remaining vendor code, see linked blockers in BZ#1670656
* Fri Mar 15 2019 Mark Goodwin <mgoodwin@redhat.com> 6.0.1-3
  - bump to latest upstream stable release 6.0.1-1
* Thu Mar 14 2019 Mark Goodwin <mgoodwin@redhat.com> 6.0.1-2
  - unbundle and add BuildRequires for golang-github-rainycape-unidecode-devel
* Thu Mar 07 2019 Mark Goodwin <mgoodwin@redhat.com> 6.0.1-1
  - update to v6.0.1 upstream sources, tweak distro config, re-do patch
  - simplify make_webpack.sh script (Elliott Sales de Andrade)
  - vendor/github.com/go-ldap is now gone, so don't unbundle it
* Thu Mar 07 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-11
  - tweak after latest feedback, bump to 5.4.3-11 (BZ 1670656)
  - build debuginfo package again
  - unbundle BuildRequires for golang-github-hashicorp-version-devel
  - remove some unneeded development files
  - remove macros from changelog and other rpmlint tweaks
* Fri Feb 22 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-10
  - tweak spec for available and unavailable (bundled) golang packages
* Wed Feb 20 2019 Xavier Bachelot <xavier@bachelot.org> 5.4.3-9
  - Remove extraneous slash (cosmetic)
  - Create directories just before moving stuff in them
  - Truncate long lines
  - Group all golang stuff
  - Simplify BuildRequires/bundled Provides
  - Sort BuildRequires/bundled Provides
  - Fix bundled go packages Provides
* Fri Feb 15 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-8
  - add BuildRequires (and unbundle) vendor sources available in Fedora
  - declare Provides for remaining (bundled) vendor go sources
  - do not attempt to unbundle anything on RHEL < 7 or Fedora < 28
* Thu Feb 07 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-7
  - further refinement for spec doc section from Xavier Bachelot
  - disable debug_package to avoid empty debugsourcefiles.list
* Wed Feb 06 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-6
  - further refinement following review by Xavier Bachelot
* Tue Feb 05 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-5
  - further refinement following review by Xavier Bachelot
* Fri Feb 01 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-4
  - further spec updates after packaging review
  - reworked post-install scriplets
* Thu Jan 31 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-3
  - tweak FHS patch, update spec after packaging review
* Wed Jan 30 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.3-2
  - add patch to be standard FHS compliant, remove phantomjs
  - update to v5.4.3 upstream community sources
* Wed Jan 09 2019 Mark Goodwin <mgoodwin@redhat.com> 5.4.2-1
  - update to v5.4.2 upstream community sources
* Thu Oct 18 2018 Mark Goodwin <mgoodwin@redhat.com> 5.3.1-1
  - update to v5.3.1 upstream community sources
* Tue Oct 02 2018 Mark Goodwin <mgoodwin@redhat.com> 5.2.5-1
  - native RPM spec build with current tagged v5.2.5 sources

Files

/usr/share/doc/grafana-selinux
/usr/share/doc/grafana-selinux/grafana.fc
/usr/share/doc/grafana-selinux/grafana.if
/usr/share/doc/grafana-selinux/grafana.pp.mls
/usr/share/doc/grafana-selinux/grafana.pp.targeted
/usr/share/doc/grafana-selinux/grafana.te
/usr/share/selinux/mls/grafana.pp
/usr/share/selinux/targeted/grafana.pp


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Oct 25 08:25:14 2024