[Bug 269903] www/grafana{8,9}: Update to 8.5.21 and 9.3.8 (Fixes security vulnerabilities)
Date: Wed, 01 Mar 2023 19:13:30 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269903 Boris Korzun <drtr0jan@yandex.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ports-secteam@FreeBSD.org Attachment #240517| |maintainer-approval?(ports- Flags| |secteam@FreeBSD.org) --- Comment #2 from Boris Korzun <drtr0jan@yandex.ru> --- Created attachment 240517 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=240517&action=edit vuxml.patch vuxml: * CVE-2023-0507 - Stored XSS in geomap panel plugin via attribution (High) * CVE-2023-0594 - Stored XSS in TraceView panel (High) * CVE-2023-22462 - Stored XSS in text panel plugin https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ -- You are receiving this mail because: You are the assignee for the bug.