grafana security and enhancement update

[9.2.10-7]

• bump release number for rebuild with fixed gating.yaml file
  [9.2.10-6]
• resolve RHEL-12665
• resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work
• testing is turned off due to test failures caused by testing date mismatch
  [9.2.10-5]
• resolve CVE-2023-3128 grafana: account takeover possible when using Azure AD OAuth
  [9.2.10-3]
• bumps exporter-toolkit to v0.7.3, sanitize-url@npm to 6.0.2, skip problematic s390 tests, License AGPL-3.0-only.
  [9.2.10-2]
• Update to 9.2.10
  [9.2.10-1]
• Update to 9.2.10
  [9.0.9-2]
• resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in
• resolve CVE-2022-2880 CVE-2022-41715 grafana: various flaws
  [9.0.9-1]
• update to 9.0.9 tagged upstream community sources, see CHANGELOG
• resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2125530)
  [9.0.8-2]
• bump NVR
  [9.0.8-1]
• update to 9.0.8 tagged upstream community sources, see CHANGELOG
• do not list /usr/share/grafana/conf twice
• drop makefile in favor of create_bundles.sh script
• sync provides/obsoletes with CentOS versions
• drop husky patch
  [7.5.15-3]
• resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
• resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
• resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
• resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
• resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
• resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
• resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
• resolve CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
• resolve CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
  [7.5.15-2]
• resolve CVE-2022-31107 grafana: OAuth account takeover
  [7.5.15-1]
• update to 7.5.15 tagged upstream community sources, see CHANGELOG
• resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
• resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
• resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
• resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
• resolve CVE-2021-23648 sanitize-url: XSS
• resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
• declare Node.js dependencies of subpackages
• make vendor and webpack tarballs reproducible
  [7.5.11-3]
• use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens
• update FIPS tests in check phase
  [7.5.11-2]
• resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
• resolve CVE-2021-43813 grafana: directory traversal vulnerability for *.md files