Date: Wed, 01 Mar 2023 19:13:30 +0000
From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 269903] www/grafana{8,9}: Update to 8.5.21 and 9.3.8 (Fixes security vulnerabilities)
Message-ID: <bug-269903-7788-9dn6qnXMtw@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-269903-7788@https.bugs.freebsd.org/bugzilla/>
References: <bug-269903-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269903 Boris Korzun <drtr0jan@yandex.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ports-secteam@FreeBSD.org Attachment #240517| |maintainer-approval?(ports- Flags| |secteam@FreeBSD.org) --- Comment #2 from Boris Korzun <drtr0jan@yandex.ru> --- Created attachment 240517 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D240517&action= =3Dedit vuxml.patch vuxml: * CVE-2023-0507 - Stored XSS in geomap panel plugin via attribution (High) * CVE-2023-0594 - Stored XSS in TraceView panel (High) * CVE-2023-22462 - Stored XSS in text panel plugin https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-w= ith-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-269903-7788-9dn6qnXMtw>