grafana-10.2.6-17.el9_7

エラータID: AXSA:2025-11560:14

Release date: 
Friday, December 19, 2025 - 11:25
Subject: 
grafana-10.2.6-17.el9_7
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

* golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-58183
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.

Solution: 

Update packages.

CVEs: 
CVE-2025-58183
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.
Additional Info: 

N/A

Download: 

SRPMS
  1. grafana-10.2.6-17.el9_7.src.rpm
    MD5: 7eb9fe17cd87b1c36d3d699dabab0500
    SHA-256: 8b7c5b2b8edc9290bb17db0fa77ceac3bd96fb9167dab6d0d86273bc87949f99
    Size: 335.91 MB

Asianux Server 9 for x86_64
  1. grafana-10.2.6-17.el9_7.x86_64.rpm
    MD5: 93ed05fc6c77b523cd390ba2fe966b14
    SHA-256: 08f21976dec0e3dd5f7ef5ddb475718e7507254616195904a9910cd5cfe5974a
    Size: 113.31 MB
  2. grafana-selinux-10.2.6-17.el9_7.x86_64.rpm
    MD5: a6e25a813d2d895fbeaa7ea7c547b981
    SHA-256: 031f089face0bc298dbb9f94b7feb2495905cfcd782a59c8703bf3f1d222338a
    Size: 24.92 kB