rpms/grafana-pcp
7
0
Fork 0
Code Issues Pull Requests Releases Activity

rebuild to fix various Golang CVEs

Browse Source 
Resolves: #2111753
This commit is contained in:
Andreas Gerstmayr 2022-08-10 16:06:02 +02:00
parent 1da107bd15
commit c04ae24b7f
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
grafana-pcp.spec
View File

@ -24,7 +24,7 @@ end}
Name: grafana-pcp
Version: 3.2.0
Release: 1%{?dist}
Release: 2%{?dist}
Summary: Performance Co-Pilot Grafana Plugin
License: ASL 2.0
URL: https://github.com/performancecopilot/grafana-pcp
@ -198,6 +198,14 @@ export GOPATH=%{_builddir}
%changelog
* Thu Aug 11 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 3.2.0-2
- resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
- resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
- resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
- resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
- resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
- resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
* Fri Nov 12 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 3.2.0-1
- update to 3.2.0 tagged upstream community sources, see CHANGELOG