grafana-9.2.10-25.el8_10
エラータID: AXSA:2025-10021:06
Release date:
Monday, June 16, 2025 - 21:05
Subject:
grafana-9.2.10-25.el8_10
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
Grafana is an open source, feature rich metrics dashboard and graph editor for
Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
net/http: Request smuggling due to acceptance of invalid chunked data in
net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2025-22871
Solution:
Update packages.
CVEs:
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Additional Info:
N/A
Download:
SRPMS
- grafana-9.2.10-25.el8_10.src.rpm
MD5: e48b09986cfa826a8fc39006bca7ea11
SHA-256: 2401a5ad67be27cb860df4b0b4f6520323566ee43ebe943d38d4d4874fc06034
Size: 327.50 MB
Asianux Server 8 for x86_64
- grafana-9.2.10-25.el8_10.x86_64.rpm
MD5: 1d91e42e39b5adad55fc55adac7277a0
SHA-256: aa30f5f1ae08af9afa0f47457c90997a1ef40a6740ef524d55b34bb28d7f9e15
Size: 76.30 MB - grafana-selinux-9.2.10-25.el8_10.x86_64.rpm
MD5: 94490ced6a3e49a911d923b8efa67481
SHA-256: d7ba76261f5985faa213578d5b100b60658f6738213c77c20ea585ac490ab2c6
Size: 34.89 kB
日本語