grafana-selinux-10.2.6-2.el9 RPM for aarch64

From CentOS Stream 9 AppStream for aarch64

SELinux policy module supporting grafana

Provides

• grafana-selinux
• grafana-selinux(aarch-64)

Requires

• /bin/sh
• /bin/sh
• /sbin/fixfiles
• /sbin/fixfiles
• /sbin/restorecon
• /sbin/restorecon
• /sbin/service
• /usr/sbin/semanage
• /usr/sbin/semanage
• /usr/sbin/semodule
• /usr/sbin/semodule
• grafana = 10.2.6-2.el9
• grafana = 10.2.6-2.el9
• grafana = 10.2.6-2.el9
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• selinux-policy >= 38.1.36-1.el9
• selinux-policy-targeted

License

AGPL-3.0-only

Changelog

* Fri May 03 2024 Sam Feifer <sfeifer@redhat.com> 10.2.6-2
  - Fixes patch 1002 for update to golang-fips
  - Remove unused code under apsl-1.1 and apsl-1.2 licenses
  - Resolves RHEL-33655
* Tue Apr 02 2024 Sam Feifer <sfeifer@redhat.com> 10.2.6-1
  - Rebase to grafana 10.2.6
* Wed Jan 31 2024 Sam Feifer <sfeifer@redhat.com> 9.2.10-15
  - Resolves RHEL-23468
  - Allows for gid to be 0
  - Allows for postgreSQL datasource in selinux policy
* Tue Dec 19 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-14
  - Fixes postgresql AVC denial
  - Related RHEL-7505
* Thu Dec 14 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-13
  - Resolves RHEL-19296
  - Fixes coredump issue introduced by selinux
  - Patches out call to panic when trying to walk "/" directory
* Thu Nov 30 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-12
  - Resolves RHEL-7505
  - Fixes additional selinux denials found when testing on certain architectures
* Tue Nov 21 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-11
  - Resolves RHEL-7505
  - Fixes selinux denials found when testing on certain architectures
* Wed Nov 15 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-10
  - Resolves RHEL-7505
  - Adds a selinux policy for grafana
  - Resolves RHEL-12666
  - fix CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work
* Thu Jul 20 2023 Stan Cox <scox@redhat.com> 9.2.10-5
  - resolve CVE-2023-3128 grafana: account takeover possible when using Azure AD OAuth
* Thu Jun 08 2023 Stan Cox <scox@redhat.com> 9.2.10-3
  - bumps exporter-toolkit to v0.7.3, sanitize-url@npm to 6.0.2, skip problematic s390 tests, License AGPL-3.0-only.
* Mon May 15 2023 Stan Cox <scox@redhat.com> 9.2.10-2
  - Update to 9.2.10
* Thu May 04 2023 Stan Cox <scox@redhat.com> 9.2.10-1
  - Update to 9.2.10
* Tue Nov 01 2022 Stan Cox <scox@redhat.com> 9.0.9-2
  - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in
  - resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws
* Wed Sep 21 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.9-1
  - update to 9.0.9 tagged upstream community sources, see CHANGELOG
  - resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2125530)
* Tue Sep 20 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.8-2
  - bump NVR
* Thu Sep 15 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.8-1
  - update to 9.0.8 tagged upstream community sources, see CHANGELOG
  - do not list /usr/share/grafana/conf twice
  - drop makefile in favor of create_bundles.sh script
  - sync provides/obsoletes with CentOS versions
  - drop husky patch
* Thu Aug 11 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-3
  - resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
  - resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
  - resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
  - resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
  - resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
  - resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
  - resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
  - resolve CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
  - resolve CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
* Tue Jul 26 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-2
  - resolve CVE-2022-31107 grafana: OAuth account takeover

Files

/usr/share/doc/grafana-selinux
/usr/share/doc/grafana-selinux/grafana.fc
/usr/share/doc/grafana-selinux/grafana.if
/usr/share/doc/grafana-selinux/grafana.pp.mls
/usr/share/doc/grafana-selinux/grafana.pp.targeted
/usr/share/doc/grafana-selinux/grafana.te
/usr/share/selinux/mls/grafana.pp
/usr/share/selinux/targeted/grafana.pp

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Nov 13 07:24:57 2024