Wed, 04 Dec 2024 08:06:36 UTC | login

Information for build grafana-10.2.3-2.fc40

ID301750
Package Namegrafana
Version10.2.3
Release2.fc40
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/grafana.git#d902d623451149aff1ddd34288217bc21465121f
SummaryMetrics dashboard and graph editor
DescriptionGrafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Built bydavidlt
State failed
Volume DEFAULT
StartedSat, 23 Mar 2024 15:52:15 UTC
CompletedSat, 23 Mar 2024 16:50:48 UTC
Taskbuild (f40, /rpms/grafana.git:d902d623451149aff1ddd34288217bc21465121f)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/grafana.git#d902d623451149aff1ddd34288217bc21465121f'}}
Tags No tags
RPMs No RPMs
Changelog * Wed Mar 13 2024 Sam Feifer <sfeifer@redhat.com> 10.2.3-2 - Fix grafana-cli issue introduced during rebase * Fri Mar 01 2024 Sam Feifer <sfeifer@redhat.com> 10.2.3-1 - Rebase to grafana 10 * Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> - 9.2.10-18 - Rebuild for golang 1.22.0 * Wed Jan 31 2024 Sam Feifer <sfeifer@redhat.com> 9.2.10-17 - Allows for postgreSQL datasource in selinux policy - grafana-cli wrapper script now allows for the gid to be 0 * Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 9.2.10-16 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jan 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 9.2.10-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Dec 18 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-14 - Fixes postgresql AVC denials * Fri Dec 15 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-13 - Fixes coredump issue introduced by selinux - Patches out call to panic when trying to walk "/" directory * Thu Nov 30 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-12 - Fix another set of AVC denials found testing only on some architectures * Mon Nov 20 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-11 - Fix additional AVC denial found when testing on certain architectures * Wed Nov 15 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-10 - Fix additional AVC denial found when testing * Wed Nov 15 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-9 - Fix AVC denials found when testing - Stop commented out gotest macro from expanding * Thu Nov 09 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-8 - Hide relabeling messages from selinux when installing/uninstalling * Wed Nov 08 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-7 - Include the selinux policy in the main package rather than a separate package * Thu Oct 05 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-6 - Added 0010-skip-tests - Resolves problematic tests when building * Thu Sep 28 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-5 - Add SELinux policy for grafana * Sat Jul 22 2023 Carl George <carl@redhat.com> - 9.2.10-4 - resolve CVE-2023-3128 grafana: Remove Email Lookup from oauth integrations * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 9.2.10-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu May 18 2023 Stan Cox <scox@redhat.com> 9.2.10-2 - Update to 9.2.10 * Mon May 15 2023 Stan Cox <scox@redhat.com> 9.2.10-1 - Update to 9.2.10 * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 9.0.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Sep 21 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.9-1 - update to 9.0.9 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2128565) * Thu Sep 15 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.8-1 - update to 9.0.8 tagged upstream community sources, see CHANGELOG - do not list /usr/share/grafana/conf twice - drop makefile in favor of create_bundles.sh script - sync provides/obsoletes with CentOS versions - drop husky patch * Wed Jul 27 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.5-1 - update to 9.0.5 tagged upstream community sources, see CHANGELOG (rhbz#2107413) - run integration tests in check phase - remove conditional around go-rpm-macros - resolve CVE-2022-31107 grafana: OAuth account takeover (rhbz#2107435) - resolve CVE-2022-31097 grafana: stored XSS vulnerability (rhbz#2107436) * Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 9.0.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jul 14 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-3 - fix quoting in grafana-cli wrapper script (rhbz#2107046) * Wed Jul 13 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-2 - use systemd-sysusers to create the Grafana user and group * Thu Jul 07 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-1 - update to 9.0.2 tagged upstream community sources, see CHANGELOG * Wed Jun 29 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 8.5.6-1 - update to 8.5.6 tagged upstream community sources, see CHANGELOG - updated license to AGPLv3 - place commented sample config file in /etc/grafana/grafana.ini - enable Go modules in build process - adapt Node.js bundling to yarn v3 and Zero Install feature * Sun Jun 19 2022 Robert-André Mauchin <zebob.m@gmail.com> - 7.5.15-3 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 * Mon Apr 11 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-2 - use clamp-mtime when generating the vendor and webpack tarballs, to preserve past timestamps but still keep reproducibility - round tarball mtime timestamp to midnight, to match SOURCE_DATE_EPOCH * Fri Apr 08 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-1 - update to 7.5.15 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources - resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling - resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation - resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure - resolve CVE-2021-23648 sanitize-url: XSS - resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter - declare Node.js dependencies of subpackages - make vendor and webpack tarballs reproducible