Bug 260358
| Summary: | www/grafana8: Update to 8.3.2 (Fixes moderate severity vulnerabilities) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Boris Korzun <drtr0jan> | ||||||||
| Component: | Individual Port(s) | Assignee: | Matthew Seaman <matthew> | ||||||||
| Status: | Closed FIXED | ||||||||||
| Severity: | Affects Some People | CC: | bj.rn, freebsd.org, hybris, matthew, mitja.podlogar | ||||||||
| Priority: | --- | Keywords: | security | ||||||||
| Version: | Latest | ||||||||||
| Hardware: | Any | ||||||||||
| OS: | Any | ||||||||||
| URL: | https://grafana.com/docs/grafana/latest/whatsnew/whats-new-in-v8-3/ | ||||||||||
| Bug Depends on: | |||||||||||
| Bug Blocks: | 260575 | ||||||||||
| Attachments: |
|
||||||||||
|
Description
Boris Korzun
2021-12-12 12:24:41 UTC
Created attachment 230056 [details]
vuxml.diff
Created attachment 230121 [details] grafana8.diff Updated to 8.3.3 Changelog: https://github.com/grafana/grafana/releases/tag/v8.3.3 Also fixed the bug #260401. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=352b384cbd92272646c25e2583296770d8222dca commit 352b384cbd92272646c25e2583296770d8222dca Author: Matthew Seaman <matthew@FreeBSD.org> AuthorDate: 2021-12-18 20:04:51 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2021-12-18 20:11:38 +0000 www/grafana8: update to 8.3.3 Update to 8.3.2 with moderate severity security fix ( https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/ ) ChangeLog: https://github.com/grafana/grafana/releases/tag/v8.3.2 Update to 8.3.3 Changelog: https://github.com/grafana/grafana/releases/tag/v8.3.3 PR: 260401, 260358 Reported by: Boris Korzun (maintainer), ohauer Security: c2a7de31-5b42-11ec-8398-6c3be5272acd Security: a994ff7d-5b3f-11ec-8398-6c3be5272acd www/grafana8/Makefile | 8 +- www/grafana8/Makefile.modules | 141 +++--- www/grafana8/distinfo | 230 +++++----- www/grafana8/pkg-plist | 1000 +++++++++++++++++++++++++---------------- 4 files changed, 827 insertions(+), 552 deletions(-) A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=adfdbdd18320ecb5d02a5480e4bdc84af9093479 commit adfdbdd18320ecb5d02a5480e4bdc84af9093479 Author: Matthew Seaman <matthew@FreeBSD.org> AuthorDate: 2021-12-18 14:13:53 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2021-12-18 20:11:37 +0000 security/vuxml: add two grafana security advisories Moderate severity directory traversal vulnerabilities for .csv (CVE-2021-43815) and .md (CVE-2021-43813) files. PR: 260358, 260401 Reported by: Boris Kozun (maintainer), ohauer security/vuxml/vuln-2021.xml | 68 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) Committed, thanks! A commit in branch 2021Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=36698615c55e8ae0b496febfd34f73b8e22ab079 commit 36698615c55e8ae0b496febfd34f73b8e22ab079 Author: Matthew Seaman <matthew@FreeBSD.org> AuthorDate: 2021-12-18 20:04:51 +0000 Commit: Matthew Seaman <matthew@FreeBSD.org> CommitDate: 2021-12-19 23:55:51 +0000 www/grafana8: update to 8.3.3 Update to 8.3.2 with moderate severity security fix ( https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/ ) ChangeLog: https://github.com/grafana/grafana/releases/tag/v8.3.2 Update to 8.3.3 Changelog: https://github.com/grafana/grafana/releases/tag/v8.3.3 PR: 260401, 260358 Reported by: Boris Korzun (maintainer), ohauer Security: c2a7de31-5b42-11ec-8398-6c3be5272acd Security: a994ff7d-5b3f-11ec-8398-6c3be5272acd (cherry picked from commit 352b384cbd92272646c25e2583296770d8222dca) www/grafana8/Makefile | 8 +- www/grafana8/Makefile.modules | 141 +++--- www/grafana8/distinfo | 230 +++++----- www/grafana8/pkg-plist | 1000 +++++++++++++++++++++++++---------------- 4 files changed, 827 insertions(+), 552 deletions(-) |
