[Bug 271086] www/grafana{8,9}: Update to 8.5.24 and 9.4.9 (Fixes security vulnerability)

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 271086] www/grafana{8,9}: Update to 8.5.24 and 9.4.9 (Fixes security vulnerability)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 26 Apr 2023 20:23:25 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271086

Boris Korzun <drtr0jan@yandex.ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ports-secteam@FreeBSD.org
 Attachment #241775|                            |maintainer-approval?(ports-
              Flags|                            |secteam@FreeBSD.org)

--- Comment #2 from Boris Korzun <drtr0jan@yandex.ru> ---
Created attachment 241775
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=241775&action=edit
vuxml.patch

vuxml:
* CVE-2023-1387 - Exposure of sensitive information to an unauthorized actor (
https://grafana.com/blog/2023/04/26/grafana-security-release-new-versions-of-grafana-with-security-fixes-for-cve-2023-28119-and-cve-2023-1387/
)
* CVE-2023-24538 - Critical vulnerability in golang (
https://grafana.com/blog/2023/04/26/precautionary-patches-for-grafana-released-following-critical-go-vulnerability-cve-2023-24538/
)

-- 
You are receiving this mail because:
You are the assignee for the bug.