Rocky Linux: RLSA-2024:1644 grafana-pcp security and bug fix update
Summary
An update is available for grafana-pcp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) Bug Fix(es): * TRIAGE CVE-2024-1394 grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (JIRA:Rocky Linux-30544)
RPMs
grafana-pcp-0:5.1.1-2.el8_9.aarch64.rpm
grafana-pcp-0:5.1.1-2.el8_9.src.rpm
grafana-pcp-0:5.1.1-2.el8_9.x86_64.rpm
grafana-pcp-debuginfo-0:5.1.1-2.el8_9.aarch64.rpm
grafana-pcp-debuginfo-0:5.1.1-2.el8_9.x86_64.rpm
grafana-pcp-debugsource-0:5.1.1-2.el8_9.aarch64.rpm
grafana-pcp-debugsource-0:5.1.1-2.el8_9.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2262921