Https://packages.altlinux.org/en/sisyphus/security/E35865A8C4C852E6ED3E0EEBD937DBDASecurity fix for the ALT Linux 10 package grafana version 6.7.3-alt1
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
May 15, 2020 Alexey Shabalin 6.7.3-alt1
- 6.7.3
- create grafana.db on first installation
- change permissions of /var/lib/grafana to 750 (Fixes: CVE-2020-12458)
- change permissions of /var/lib/grafana/grafana.db to 640 and
user/group grafana:grafana (CVE-2020-12458)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ALT Linux | 10 | src | grafana-8.5.20-alt1.src.rpm | < 6.7.3-alt1 | grafana-8.5.20-alt1.src.rpm |
| ALT Linux | 10 | x86_64 | grafana-8.5.20-alt1.x86_64.rpm | < 6.7.3-alt1 | grafana-8.5.20-alt1.x86_64.rpm |
| ALT Linux | 10 | i586 | grafana-8.5.20-alt1.i586.rpm | < 6.7.3-alt1 | grafana-8.5.20-alt1.i586.rpm |
| ALT Linux | 10 | aarch64 | grafana-8.5.20-alt1.aarch64.rpm | < 6.7.3-alt1 | grafana-8.5.20-alt1.aarch64.rpm |
| ALT Linux | 10 | armh | grafana-8.5.20-alt1.armh.rpm | < 6.7.3-alt1 | grafana-8.5.20-alt1.armh.rpm |
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N