grafana-7.5.9-5.el8
エラータID: AXSA:2022-2889:01
Release date:
Wednesday, January 5, 2022 - 04:06
Subject:
grafana-7.5.9-5.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* golang: net/[http:](http:) limit growth of header canonicalization cache (CVE-2021-44716)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-44716
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
Solution:
Update packages.
CVEs:
CVE-2021-44716
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
Additional Info:
N/A
Download:
SRPMS
- grafana-7.5.9-5.el8.src.rpm
MD5: 696844d3257611d4114e3a1fad527070
SHA-256: 7ff4867ae60229a5da4c300184944ab1d1a3819fa9e96b24e4090bcace99844d
Size: 121.93 MB
Asianux Server 8 for x86_64
- grafana-7.5.9-5.el8.x86_64.rpm
MD5: 83ba9efe956de6c99e32332294996b34
SHA-256: d6f76f22a0386e02ad7d1bea5c0acfabc122c0aa7c22e2e6e2b56b8d207edd4c
Size: 40.68 MB
日本語