[Bug 264082] www/grafana{7,8}: Update to 8.5.3 and 7.5.16 (Fixes security vulnerability)

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 264082] www/grafana7: Update to 7.5.16 (Fixes moderate security vulnerability)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 25 May 2022 01:03:59 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264082

--- Comment #4 from Kubilay Kocak <koobs@FreeBSD.org> ---
(In reply to Xander from comment #3)
(In reply to Boris Korzun from comment #2)

Thank you for the detail, so to be explicit and clarify:

- The OSS versions did not receive any security related changes to their
codebases?
- The inclusion of "Fixes CVE-2022-29170" in the OSS version release notes is
incorrect?

In particular, can we point to any commit logs and/or issues for CVE-2022-29170
so we have details of the branches they were applied to, or the absence of said
merges to OSS branches?

-- 
You are receiving this mail because:
You are the assignee for the bug.