Bug 51711 - Для закрытия CVE-2023-6152 необходимо обновить пакет
Summary: Для закрытия CVE-2023-6152 необходимо обновить пакет
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: grafana (show other bugs)
Version: unstable
Hardware: x86_64 Linux
: P5 normal
Assignee: Alexey Shabalin
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-10-13 13:49 MSK by FelixZ
Modified: 2024-11-07 13:49 MSK (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description FelixZ 2024-10-13 13:49:25 MSK 
Для закрытия уязвимости CVE-2023-6152, прошу обновить пакет в репозитории до версии 10.2.4.
https://grafana.com/security/security-advisories/cve-2023-6152/
https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f
Comment 1 FelixZ 2024-11-07 13:49:19 MSK 
grafana 11.2.2-alt2 уже в репозитории, уязвимость не актуальна.