From nobody Thu Apr 27 07:51:58 2023 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Q6ScZ5nLgz46Wlc; Thu, 27 Apr 2023 07:51:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Q6ScZ5KZvz4YDS; Thu, 27 Apr 2023 07:51:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1682581918; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JDt2byGHrwICu0dcriVHqYgiUQvm6pw5PtlwAdFdEME=; b=Pk1uloioAGw/f1rHOK4uPgpDVoEvTotht4X9oIOcVepSkyIrzodJAowsb55NP1e/WoIuS6 GdHOmSWR+i/BR3H0FZI3QLgYeYSH2B+yZZjNY1tWhSlwXFxYCpLWrCqPsR3rBevcGW8jlh 6yziBkJU2E/skN5nYqDqGzHNJYwbqkEJXw71ocwgJXgmv09K88ZN7SLGMObAax1Iq14f+U sncqiGGxYJJEAXNeTlXvUJHjuKg/As+PVv0Nf5k2IaxWMEtcdDCSxK55vTBdczZCEU88tW zfmKoyMTyFoUR+fJwU8qGQh/mLC6r8ZAwBdiJlIgR2rA7+q6eIUQGXpNaVRI6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1682581918; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JDt2byGHrwICu0dcriVHqYgiUQvm6pw5PtlwAdFdEME=; b=NCp9cEJQCZErYhLlKcTT5dRvGZx36TsL54dZEoeW8UEtduCJR2l8CXJQ3k7JaDelOns+9f HH9Bby99ueyRIUdCQx3T8F2o0EPZZsutitZEbRJrsSRruakfiugZlWlnYhScQUamWMMycz 2bczUSbJl02thDIM1KRConA6Yz4DIkedBUeTuhW+vPq93SvsLFrDpoOC6ZfVvqgGGQIyXk yIev3q+1/xgsNigvN2Wp5uKCe3M5taJVsXzpAbSWEj0os/yLZpvUuh2Jna6w2rUrcd1lIb Gj1g2CGZ1eMJy+ihNjyaVLwo02vrfaPdFwRYOCT/f8pONzytumhYcKEYwXDmfA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1682581918; a=rsa-sha256; cv=none; b=qc2sFhKTm1EynmdKijFFfumEJM0kGffXwcNucb0unhbfZNVY56lzHe73APD4uSSPj0l0m1 eSNa92NS2ChxlCr2MXuQHy3mvTHhxgVbuGij2jfnM7oA7ddZPL2CRIw2jbTa5e/b3LDp/X 3rYFKM4oFpoy0L8dbPSkmD7Pjm6Su7B9PcCE2ScE1Z39nTR/NOcGBJvZDFbCalQDxv+kkY g3AnEYnUAh4/SyJfCEKWUjFjv1R5y6So2P7NPewkwFoXY4od4VkxrU1OqLEw55vks6b5ZZ n7HXGbcWSHIMsEzvEPhfIxl6m3RmCsZddNr4bIDKXjPkPrNF2OsHs8J/Lqnfeg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Q6ScZ4Nxrz17nB; Thu, 27 Apr 2023 07:51:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 33R7pwqH029585; Thu, 27 Apr 2023 07:51:58 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 33R7pwoS029584; Thu, 27 Apr 2023 07:51:58 GMT (envelope-from git) Date: Thu, 27 Apr 2023 07:51:58 GMT Message-Id: <202304270751.33R7pwoS029584@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Matthew Seaman Subject: git: c1e504d117b5 - main - security/vuxml: Document grafana{8,9} security vulnerabilities List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: matthew X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c1e504d117b56f971b79e34901160a5dc128882f Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by matthew: URL: https://cgit.FreeBSD.org/ports/commit/?id=c1e504d117b56f971b79e34901160a5dc128882f commit c1e504d117b56f971b79e34901160a5dc128882f Author: Boris Korzun AuthorDate: 2023-04-27 07:49:23 +0000 Commit: Matthew Seaman CommitDate: 2023-04-27 07:49:23 +0000 security/vuxml: Document grafana{8,9} security vulnerabilities * CVE-2023-1387 * CVE-2023-24538 PR: 271086 Reported by: Boris Korzun --- security/vuxml/vuln/2023.xml | 82 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 5f6575818edf..22cd64fddd51 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -38,6 +38,88 @@ + + Grafana -- Critical vulnerability in golang + + + grafana + 8.5.24 + 9.0.09.2.17 + 9.3.09.3.13 + 9.4.09.4.9 + + + grafana8 + 8.5.24 + + + grafana9 + 9.2.17 + 9.3.09.3.13 + 9.4.09.4.9 + + + + +

Grafana Labs reports:

+
+

An issue in how go handles backticks (`) with Javascript can lead to + an injection of arbitrary code into go templates. While Grafana Labs software + contains potentially vulnerable versions of go, we have not identified any + exploitable use cases at this time.

+

The CVSS score for this vulnerability is 0.0 (adjusted), 9.8 (base).

+
+ +
+ + CVE-2023-24538 + https://grafana.com/blog/2023/04/26/precautionary-patches-for-grafana-released-following-critical-go-vulnerability-cve-2023-24538/ + + + 2023-04-19 + 2023-04-26 + +
+ + + Grafana -- Exposure of sensitive information to an unauthorized actor + + + grafana + grafana9 + 9.1.09.2.17 + 9.3.09.3.13 + 9.4.09.4.9 + + + + +

Grafana Labs reports:

+
+

When setting up Grafana, there is an option to enable + + JWT authentication. Enabling this will allow users to authenticate towards + the Grafana instance with a special header (default X-JWT-Assertion + ).

+

In Grafana, there is an additional way to authenticate using JWT called + + URL login where the token is passed as a query parameter.

+

When using this option, a JWT token is passed to the data source as a header, + which leads to exposure of sensitive information to an unauthorized party.

+

The CVSS score for this vulnerability is 4.2 Medium

+
+ +
+ + CVE-2023-1387 + https://grafana.com/security/security-advisories/cve-2023-1387/ + + + 2023-04-26 + 2023-04-26 + +
+ element-web -- matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting