Revisions of grafana
Gayane Osipyan (gosipyan)
accepted
request 1001292
from
Darragh O'Reilly (doreilly)
(revision 18)
- Add CVE-2021-39226.patch (bsc#1191454, CVE-2021-39226) * snapshot authentication bypass
Jan Zerebecki (jzerebecki)
accepted
request 951640
from
Darragh O'Reilly (doreilly)
(revision 17)
- Add CVE-2021-43813.patch (bsc#1193688, CVE-2021-43813) * directory traversal vulnerability for .md files - Bump Go to 1.16 (bsc#1193597, CVE-2021-44716) * Fix Go net/http: limit growth of header canonicalization cache
Jeremy Moffitt (jeremy_moffitt)
accepted
request 885703
from
Johannes Grassler (jgrassler)
(revision 16)
- Add CVE-2021-27358.patch (bsc#1183803, CVE-2021-27358)
* Prevent unauthenticated remote attackers from causing a DoS through the
snapshots API.
Johannes Grassler (jgrassler)
accepted
request 850537
from
Jan Zerebecki (jzerebecki)
(revision 15)
- Fix bsc#1178243 CVE-2020-24303 by adding 25401-Fix-XSS-vulnerability-with-series-overrides.patch
Johannes Grassler (jgrassler)
accepted
request 823770
from
Johannes Grassler (jgrassler)
(revision 13)
- Add recompress source service
- Add go_modules source service to create vendor.tar.gz
containing 3rd party go modules.
- Adjust spec to work for Grafana-6.7.4
- Adjust Makefile to work for Grafana-6.7.4
- Remove CVE-2019-15043.patch (merged upstream)
- Remove CVE-2020-13379.patch (merged upstream)
- Remove 0001-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
(merged upstream)
- Update to version 6.7.4 (bsc#1172450, CVE-2018-18623,
CVE-2018-18624, CVE-2018-18625, bsc#1174583, CVE-2020-11110)
* Only allow 32 hexadecimal digits for the avatar hash
* 6.7.3 cherry-picks (#23808)
* Fix CI for pushing a multi-architecture manifest (#23327)
* AzureMonitor: Fix Log Analytics and Application Insights
for Azure China (#21803) (#22753)
* Revert "grafana/data: PanelTypeChangedHandler API update
to use PanelModel instead of panel options object
[BREAKING] (#22754)"
* Bumped version
* Snapshots: Sanitize orignal url (#23254)
* Plugins: Expose promiseToDigest (#23249)
* Variables: Do not update variable from url when value is
the same (#23220)
* DashboardSave: Add new dashboard check (#23104)
* Fix: reverted back to `import * as module` instead of
using namespaces (#23069)
* BackendSrv: Adds config to response to fix external
plugins that use this (#23032)
* DataLinks: make sure we use the correct datapoint when
Flávio Ramalho (flaviosr)
committed
(revision 12)
Johannes Grassler (jgrassler)
accepted
request 817879
from
Flávio Ramalho (flaviosr)
(revision 11)
Fix patch file name
Johannes Grassler (jgrassler)
accepted
request 811854
from
Johannes Grassler (jgrassler)
(revision 10)
- Add CVE-2020-13379.patch * Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)
Jan Zerebecki (jzerebecki)
accepted
request 800128
from
Nanuk Krinner (nkrinner)
(revision 9)
- Add 0001-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
* Security: Fix annotation popup XSS vulnerability
(bsc#1170657)
Jeremy Moffitt (jeremy_moffitt)
accepted
request 743593
from
Jeremy Moffitt (jeremy_moffitt)
(revision 8)
- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#1148383)
Dirk Mueller (dirkmueller)
accepted
request 734143
from
Ethan Apodaca (eapodaca)
(revision 7)
- Add CVE-2019-15043.patch (SOC-10357)
* Adds authentication to a few rest endpoints
see: https://github.com/grafana/grafana/compare/v5.4.4...v5.4.5
Jan Zerebecki (jzerebecki)
accepted
request 726280
from
Scott Grasley (sgrasley)
(revision 6)
Update Grafana to 6.2.5 recommended by CVE-2019-13068. Tested in Cloud9 deployment.
Dirk Mueller (dirkmueller)
committed
(revision 5)
- Update to version 5.3.3 (CVE-2018-19039, bsc#1115960) :
Dirk Mueller (dirkmueller)
committed
(revision 4)
Dirk Mueller (dirkmueller)
committed
(revision 3)
- Update to version 5.3.3 (CVE-2018-19039): * File Exfiltration vulnerability Security fix
Dirk Mueller (dirkmueller)
accepted
request 667599
from
Witek Bedyk (witekbedyk)
(revision 2)
- Provide default dashboard provider from upstream
- Update to version 5.3.2
* InfluxDB/Graphite/Postgres: Prevent cross site scripting (XSS) in query editor
* Postgres: Fix template variables error
* Cloudwatch: Fix service panic because of race conditions
* Cloudwatch: Fix check for invalid percentile statistics
* Stackdriver/Cloudwatch: Allow user to change unit in graph panel if cloudwatch/stackdriver datasource response doesn't include unit
* Stackdriver: stackdriver user-metrics duplicated response when multiple resource types
* Variables: Fix text box template variable doesn't work properly without a default value
* Variables: Fix variable dependency check when using ${var} format
* Dashboard: Fix kiosk=1 url parameter should put dashboard in kiosk mode
* LDAP: Fix super admins can also be admins of orgs
* Provisioning: Fix deleting provisioned dashboard folder should cleanup provisioning meta data
* Docker: adds curl back into the docker image for utility
- Update to version 5.3.1
* Render: Fix PhantomJS render of graph panel when legend displayed as table to the right
* Stackdriver: Filter option disappears after removing initial filter
* Elasticsearch: Fix no limit size in terms aggregation for alerting queries
* InfluxDB: Fix for annotation issue that caused text to be shown twice
* Variables: Fix nesting variables leads to exception and missing refresh
* Variables: Prometheus: Single letter labels are not supported
* Graph: Fix graph time formatting for Last 24h ranges
* Playlist: Fix cannot add dashboards with long names to playlist
* HTTP API: Fix /api/org/users so that query and limit querystrings works
- Update to version 5.3.0
* Stackdriver: Filter wildcards and regex matching are not yet supported
* Stackdriver: Support the distribution metric type for heatmaps
* Cloudwatch: Automatically set graph yaxis unit
- Update to version 5.3.0-beta3
Dirk Mueller (dirkmueller)
committed
(revision 1)
osc copypac from project:Cloud:OpenStack:Master package:grafana revision:4, using expand
Displaying all 18 revisions
