Summary: | <www-apps/grafana-bin-6.7.4: Incorrect access control vulnerability (CVE-2020-13379) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | ajak, patrick, whissi |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2020-06-03 14:24:23 UTC
Looks like we've had an update for a little while now: commit a0c47986f1782e15c851dc701a3c11cf1c0468cf Author: Tobias Klausmann <klausman@gentoo.org> Date: Thu Jun 4 10:34:50 2020 +0200 www-apps/grafana-bin: Bump to v6.7.4 This contains a security fix: https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/ Package-Manager: Portage-2.3.100, Repoman-2.3.22 Signed-off-by: Tobias Klausmann <klausman@gentoo.org> rename www-apps/grafana-bin/{grafana-bin-6.7.3.ebuild => grafana-bin-6.7.4.ebuild} (100%) *** Bug 726756 has been marked as a duplicate of this bug. *** The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77439a6401a71baa4f5531618182b52947c13708 commit 77439a6401a71baa4f5531618182b52947c13708 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-08-20 00:02:59 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-08-20 00:03:13 +0000 www-apps/grafana-bin: bump to v7.1.3 Closes: https://bugs.gentoo.org/701238 Closes: https://bugs.gentoo.org/730336 Bug: https://bugs.gentoo.org/725110 Bug: https://bugs.gentoo.org/726946 Package-Manager: Portage-3.0.3, Repoman-3.0.0 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-apps/grafana-bin/grafana-bin-7.1.3.ebuild | 35 +++++++++++---------------- 1 file changed, 14 insertions(+), 21 deletions(-) Last vulnerable version appears to have been removed in the rename to 6.7.4. No stable versions, no GLSA, closing. |