Linux Security
    Linux Security
    Linux Security

    openSUSE: 2020:1611-1: moderate: grafana

    Date 04 Oct 2020
    165
    Posted By LinuxSecurity Advisories
    An update that fixes four vulnerabilities is now available.
       openSUSE Security Update: Security update for grafana
    ______________________________________________________________________________
    
    Announcement ID:    openSUSE-SU-2020:1611-1
    Rating:             moderate
    References:         #1044444 #1044933 #1115960 #1170557 
    Cross-References:   CVE-2018-19039 CVE-2019-15043 CVE-2020-12245
                        CVE-2020-13379
    Affected Products:
                        openSUSE Backports SLE-15-SP1
    ______________________________________________________________________________
    
       An update that fixes four vulnerabilities is now available.
    
    Description:
    
       This update for grafana fixes the following issues:
    
       grafana was updated to version 7.1.5:
    
         * Features / Enhancements
    
           - Stats: Stop counting the same user multiple times.
           - Field overrides: Filter by field name using regex.
           - AzureMonitor: map more units.
           - Explore: Don't run queries on datasource change.
           - Graph: Support setting field unit & override data source (automatic)
             unit.
           - Explore: Unification of logs/metrics/traces user interface
           - Table: JSON Cell should try to convert strings to JSON
           - Variables: enables cancel for slow query variables queries.
           - TimeZone: unify the time zone pickers to one that can rule them all.
           - Search: support URL query params.
           - Grafana-UI: Add FileUpload.
           - TablePanel: Sort numbers correctly.
    
         * Bug fixes
    
           - Alerting: remove LongToWide call in alerting.
           - AzureMonitor: fix panic introduced in 7.1.4 when unit was
             unspecified and alias was used.
           - Variables: Fixes issue with All variable not being resolved.
           - Templating: Fixes so texts show in picker not the values.
           - Templating: Templating: Fix undefined result when using raw
             interpolation format
           - TextPanel: Fix content overflowing panel boundaries.
           - StatPanel: Fix stat panel display name not showing when explicitly
             set.
           - Query history: Fix search filtering if null value.
           - Flux: Ensure connections to InfluxDB are closed.
           - Dashboard: Fix for viewer can enter panel edit mode by modifying url
             (but cannot not save anything).
           - Prometheus: Fix prom links in mixed mode.
           - Sign In Use correct url for the Sign In button.
           - StatPanel: Fixes issue with name showing for single series / field
             results
           - BarGauge: Fix space bug in single series mode.
           - Auth: Fix POST request failures with anonymous access
           - Templating: Fix recursive loop of template variable queries when
             changing ad-hoc-variable
           - Templating: Fixed recursive queries triggered when switching
             dashboard settings view
           - GraphPanel: Fix annotations overflowing panels.
           - Prometheus: Fix performance issue in processing of histogram labels.
           - Datasources: Handle URL parsing error.
           - Security: Use Header.Set and Header.Del for X-Grafana-User header.
    
    
    Patch Instructions:
    
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - openSUSE Backports SLE-15-SP1:
    
          zypper in -t patch openSUSE-2020-1611=1
    
    
    
    Package List:
    
       - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):
    
          grafana-7.1.5-bp151.2.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2018-19039.html
       https://www.suse.com/security/cve/CVE-2019-15043.html
       https://www.suse.com/security/cve/CVE-2020-12245.html
       https://www.suse.com/security/cve/CVE-2020-13379.html
       https://bugzilla.suse.com/1044444
       https://bugzilla.suse.com/1044933
       https://bugzilla.suse.com/1115960
       https://bugzilla.suse.com/1170557
    
    -- 
    

    LinuxSecurity Poll

    How long have you been using Linux?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/46-how-long-have-you-been-using-linux?task=poll.vote&format=json
    46
    radio
    [{"id":"160","title":"Just made the switch!","votes":"3","type":"x","order":"1","pct":30,"resources":[]},{"id":"161","title":"1-5 years","votes":"1","type":"x","order":"2","pct":10,"resources":[]},{"id":"162","title":"6-10 years","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"163","title":">10 years - I'm a veteran!","votes":"6","type":"x","order":"4","pct":60,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.