grafana-pcp-3.2.0-3.el8

エラータID: AXSA:2023-6080:03

Release date: 
Tuesday, June 20, 2023 - 01:34
Subject: 
grafana-pcp-3.2.0-3.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

* golang: net/[http:](http:) handle server errors after sending GOAWAY (CVE-2022-27664)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-27664
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

Solution: 

Update packages.

CVEs: 
CVE-2022-27664
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Additional Info: 

N/A

Download: 

SRPMS
  1. grafana-pcp-3.2.0-3.el8.src.rpm
    MD5: 40ae0282589affbae0e0c0e02f0d3f48
    SHA-256: fcf32b28d9df238fd32eaca5d54c4298a8bf6424e6f2858145f8261704f3df92
    Size: 50.46 MB

Asianux Server 8 for x86_64
  1. grafana-pcp-3.2.0-3.el8.x86_64.rpm
    MD5: 37db1960daa05a2d2af5882ea50b2c1e
    SHA-256: d40cdc317f318c74734bcae3f9f4801dc6068cf12551f86131d9e782c5c805f1
    Size: 9.60 MB