Created attachment 241773 [details] grafana8.patch Update to 8.5.24
Created attachment 241774 [details] grafana9.patch Update to 9.4.9
Created attachment 241775 [details] vuxml.patch vuxml: * CVE-2023-1387 - Exposure of sensitive information to an unauthorized actor ( https://grafana.com/blog/2023/04/26/grafana-security-release-new-versions-of-grafana-with-security-fixes-for-cve-2023-28119-and-cve-2023-1387/ ) * CVE-2023-24538 - Critical vulnerability in golang ( https://grafana.com/blog/2023/04/26/precautionary-patches-for-grafana-released-following-critical-go-vulnerability-cve-2023-24538/ )
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=c1e504d117b56f971b79e34901160a5dc128882f commit c1e504d117b56f971b79e34901160a5dc128882f Author: Boris Korzun <drtr0jan@yandex.ru> AuthorDate: 2023-04-27 07:49:23 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2023-04-27 07:49:23 +0000 security/vuxml: Document grafana{8,9} security vulnerabilities * CVE-2023-1387 * CVE-2023-24538 PR: 271086 Reported by: Boris Korzun security/vuxml/vuln/2023.xml | 82 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=254b5056ef6b62f36901bbf7b7fb134b33e5e1b7 commit 254b5056ef6b62f36901bbf7b7fb134b33e5e1b7 Author: Boris Korzun <drtr0jan@yandex.ru> AuthorDate: 2023-04-27 08:50:21 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2023-04-27 09:57:45 +0000 www/grafana8: Security update to 8.5.24 Changes: https://github.com/grafana/grafana/releases PR: 271086 Reported by: Boris Korzun MFH: 2023Q2 Security: 0b85b1cd-e468-11ed-834b-6c3be5272acd Security: d2c6173f-e43b-11ed-a1d7-002590f2a714 www/grafana8/Makefile | 5 ++--- www/grafana8/Makefile.modules | 12 ++++++------ www/grafana8/distinfo | 34 +++++++++++++++++----------------- 3 files changed, 25 insertions(+), 26 deletions(-)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=7adde687773f581312f1fdcc6227914c90c8cddb commit 7adde687773f581312f1fdcc6227914c90c8cddb Author: Boris Korzun <drtr0jan@yandex.ru> AuthorDate: 2023-04-27 09:53:25 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2023-04-27 09:57:46 +0000 www/grafana9: Security update to 9.4.9 Changes: https://github.com/grafana/grafana/releases/tag/v9.4.9 PR: 271086 Reported by: Boris Korzun MFH: 2023Q2 Security: 0b85b1cd-e468-11ed-834b-6c3be5272acd Security: 5e257b0d-e466-11ed-834b-6c3be5272acd www/grafana9/Makefile | 5 ++- www/grafana9/distinfo | 14 ++++---- www/grafana9/pkg-plist | 96 ++++++++++++++++++++++++++++---------------------- 3 files changed, 63 insertions(+), 52 deletions(-)
A commit in branch 2023Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=40a6b20c8e3e711df9dc68742d421fcc2fca4c42 commit 40a6b20c8e3e711df9dc68742d421fcc2fca4c42 Author: Boris Korzun <drtr0jan@yandex.ru> AuthorDate: 2023-04-27 09:53:25 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2023-04-27 10:00:38 +0000 www/grafana9: Security update to 9.4.9 Changes: https://github.com/grafana/grafana/releases/tag/v9.4.9 PR: 271086 Reported by: Boris Korzun MFH: 2023Q2 Security: 0b85b1cd-e468-11ed-834b-6c3be5272acd Security: 5e257b0d-e466-11ed-834b-6c3be5272acd (cherry picked from commit 7adde687773f581312f1fdcc6227914c90c8cddb) www/grafana9/Makefile | 5 ++- www/grafana9/distinfo | 14 ++++---- www/grafana9/pkg-plist | 96 ++++++++++++++++++++++++++++---------------------- 3 files changed, 63 insertions(+), 52 deletions(-)
A commit in branch 2023Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=8f6849aade54c17ab8df3d1a7f78b089c1a9f549 commit 8f6849aade54c17ab8df3d1a7f78b089c1a9f549 Author: Boris Korzun <drtr0jan@yandex.ru> AuthorDate: 2023-04-27 08:50:21 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2023-04-27 10:00:13 +0000 www/grafana8: Security update to 8.5.24 Changes: https://github.com/grafana/grafana/releases PR: 271086 Reported by: Boris Korzun MFH: 2023Q2 Security: 0b85b1cd-e468-11ed-834b-6c3be5272acd Security: d2c6173f-e43b-11ed-a1d7-002590f2a714 (cherry picked from commit 254b5056ef6b62f36901bbf7b7fb134b33e5e1b7) www/grafana8/Makefile | 5 ++--- www/grafana8/Makefile.modules | 12 ++++++------ www/grafana8/distinfo | 34 +++++++++++++++++----------------- 3 files changed, 25 insertions(+), 26 deletions(-)
Committed, thanks!