grafana-pcp-5.1.1-11.el8_10

エラータID: AXSA:2026-104:01

Release date: 
Friday, January 30, 2026 - 17:08
Subject: 
grafana-pcp-5.1.1-11.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-61729
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.

Solution: 

Update packages.

CVEs: 
CVE-2025-61729
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Additional Info: 

N/A

Download: 

SRPMS
  1. grafana-pcp-5.1.1-11.el8_10.src.rpm
    MD5: 4648a6bd81156074b92f0be63264dcb9
    SHA-256: 51ba53bb16f66747045bda92a5611eef53bae8b2d214aa9a5cc52fecb98414b4
    Size: 59.22 MB

Asianux Server 8 for x86_64
  1. grafana-pcp-5.1.1-11.el8_10.x86_64.rpm
    MD5: a7e1666ba63ba407ad27a6469170d21f
    SHA-256: 323e307b14b96ffb2abbe67d5f45ef8d6831591a4415359b4628c385de9d478d
    Size: 11.22 MB