c01da721e6
* CVE-2022-31123 - Plugin signature bypass * CVE-2022-31130 - Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins * CVE-2022-39201 - Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins * CVE-2022-39229 - Improper authentication * CVE-2022-39306 - Privilege escalation * CVE-2022-39307 - Username enumeration * CVE-2022-39328 - Privilege escalation (Critical) https://grafana.com/blog/2022/10/12/grafana-security-releases-new-versions-with-fixes-for-cve-2022-39229-cve-2022-39201-cve-2022-31130-cve-2022-31123/ https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/ ChangeLog: https://github.com/grafana/grafana/releases/tag/v8.5.15 https://github.com/grafana/grafana/releases/tag/v9.2.2 https://github.com/grafana/grafana/releases/tag/v9.2.3 https://github.com/grafana/grafana/releases/tag/v9.2.4 PR: 267728 MFH: 2022Q4 Security: 0a80f159-629b-11ed-9ca2-6c3be5272acd 6eb6a442-629a-11ed-9ca2-6c3be5272acd db895ed0-6298-11ed-9ca2-6c3be5272acd 4e60d660-6298-11ed-9ca2-6c3be5272acd 6f6c9420-6297-11ed-9ca2-6c3be5272acd 6877e164-6296-11ed-9ca2-6c3be5272acd 909a80ba-6294-11ed-9ca2-6c3be5272acd |
||
|---|---|---|
| .. | ||
| files | ||
| distinfo | ||
| Makefile | ||
| Makefile.modules | ||
| pkg-descr | ||
| pkg-message | ||
| pkg-plist | ||