grafana-pcp-5.1.1-11.el9_6

エラータID: AXSA:2025-10537:03

Release date: 
Tuesday, July 22, 2025 - 16:14
Subject: 
grafana-pcp-5.1.1-11.el9_6
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

* net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

Solution: 

Update packages.

CVEs: 
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Additional Info: 

N/A

Download: 

SRPMS
  1. grafana-pcp-5.1.1-11.el9_6.src.rpm
    MD5: d8bf9ab10099702a4a79bf2eff376622
    SHA-256: bda1ebe63f309ed1a06b58fedf1a6ee9ffcb85cbb57f49d40c1875c2047f524a
    Size: 59.21 MB

Asianux Server 9 for x86_64
  1. grafana-pcp-5.1.1-11.el9_6.x86_64.rpm
    MD5: 9c9e47a930ab3095012c69636f9af73f
    SHA-256: 2cc725a84689a7399b4ee6fa4c3e272d3c2b2d9e32c212cfc7b12f97ff54bc43
    Size: 10.52 MB