grafana-pcp security and bug fix update

2024-04-0514:56:07

Rockylinux Product Errata

errata.rockylinux.org

grafana-pcp

update

rocky linux

security fixes

bug fixes

cve-2024-1394

openssl

memory leaks

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

30.8%

JSON

An update is available for grafana-pcp.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

Bug Fix(es):

TRIAGE CVE-2024-1394 grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (JIRA:Rocky Linux-30544)

OSVersionArchitecturePackageVersionFilename
rocky8aarch64grafana-pcp< 5.1.1-2.el8_9grafana-pcp-0:5.1.1-2.el8_9.aarch64.rpm
rocky8x86_64grafana-pcp< 5.1.1-2.el8_9grafana-pcp-0:5.1.1-2.el8_9.x86_64.rpm
rocky8aarch64grafana-pcp-debuginfo< 5.1.1-2.el8_9grafana-pcp-debuginfo-0:5.1.1-2.el8_9.aarch64.rpm
rocky8x86_64grafana-pcp-debuginfo< 5.1.1-2.el8_9grafana-pcp-debuginfo-0:5.1.1-2.el8_9.x86_64.rpm
rocky8aarch64grafana-pcp-debugsource< 5.1.1-2.el8_9grafana-pcp-debugsource-0:5.1.1-2.el8_9.aarch64.rpm
rocky8x86_64grafana-pcp-debugsource< 5.1.1-2.el8_9grafana-pcp-debugsource-0:5.1.1-2.el8_9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	aarch64	grafana-pcp	< 5.1.1-2.el8_9	grafana-pcp-0:5.1.1-2.el8_9.aarch64.rpm
rocky	8	x86_64	grafana-pcp	< 5.1.1-2.el8_9	grafana-pcp-0:5.1.1-2.el8_9.x86_64.rpm
rocky	8	aarch64	grafana-pcp-debuginfo	< 5.1.1-2.el8_9	grafana-pcp-debuginfo-0:5.1.1-2.el8_9.aarch64.rpm
rocky	8	x86_64	grafana-pcp-debuginfo	< 5.1.1-2.el8_9	grafana-pcp-debuginfo-0:5.1.1-2.el8_9.x86_64.rpm
rocky	8	aarch64	grafana-pcp-debugsource	< 5.1.1-2.el8_9	grafana-pcp-debugsource-0:5.1.1-2.el8_9.aarch64.rpm
rocky	8	x86_64	grafana-pcp-debugsource	< 5.1.1-2.el8_9	grafana-pcp-debugsource-0:5.1.1-2.el8_9.x86_64.rpm