Bug 231020

Summary:

www/grafana4: Update to 4.6.4, fixes LDAP & OAuth login vulnerability (CVE-2018-558213)

Product:

Ports & Packages

Reporter:

Dmitri Goutnik <dmgk>

Component:

Individual Port(s)

Assignee:

Steve Wills <swills>

Status:

Closed FIXED

Severity:

Affects Only Me

Flags:

bugzilla: maintainer-feedback? (swills)

Priority:

---

Version:

Latest

Hardware:

Any

OS:

Any

URL:

https://github.com/grafana/grafana/releases/tag/v4.6.4

See Also:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231021

Attachments:

Description	Flags
grafana4-4.6.4.patch	dmgk: maintainer-approval?
vuxml-grafana4.patch	dmgk: maintainer-approval?

Description Dmitri Goutnik freebsd_committer

2018-08-30 13:12:49 UTC

Created attachment 196706 [details]
grafana4-4.6.4.patch

- Update 4.6.3 -> 4.6.4
- Add VuXML entry

Changelog: https://github.com/grafana/grafana/releases/tag/v4.6.4

QA:
  poudriere testport: OK (112a, 104i)

Comment 1 Dmitri Goutnik freebsd_committer

2018-08-30 13:13:12 UTC

Created attachment 196707 [details]
vuxml-grafana4.patch

Comment 2 commit-hook freebsd_committer

2018-08-31 23:48:43 UTC

A commit references this bug:

Author: swills
Date: Fri Aug 31 23:47:51 UTC 2018
New revision: 478626
URL: https://svnweb.freebsd.org/changeset/ports/478626

Log:
  Document grafana issues

  PR:		 231019
  PR:		 231020
  PR:		 231021
  PR:		 231022

Changes:
  head/security/vuxml/vuln.xml

Comment 3 commit-hook freebsd_committer

2018-09-01 00:00:00 UTC

A commit references this bug:

Author: swills
Date: Fri Aug 31 23:58:56 UTC 2018
New revision: 478635
URL: https://svnweb.freebsd.org/changeset/ports/478635

Log:
  www/grafana4: Update to 4.6.4

  PR:		231020
  Submitted by:	Dmitri Goutnik <dg@syrec.org>
  Security:	1f8d5806-ac51-11e8-9cb6-10c37b4ac2ea

Changes:
  head/www/grafana4/Makefile
  head/www/grafana4/distinfo

Comment 4 Steve Wills freebsd_committer

2018-09-01 00:00:18 UTC

Committed, thanks!