rebuild to fix various Golang CVEs

Resolves: #2111753
This commit is contained in:
Andreas Gerstmayr 2022-08-10 16:06:02 +02:00
parent 1da107bd15
commit c04ae24b7f

View File

@ -24,7 +24,7 @@ end}
Name: grafana-pcp Name: grafana-pcp
Version: 3.2.0 Version: 3.2.0
Release: 1%{?dist} Release: 2%{?dist}
Summary: Performance Co-Pilot Grafana Plugin Summary: Performance Co-Pilot Grafana Plugin
License: ASL 2.0 License: ASL 2.0
URL: https://github.com/performancecopilot/grafana-pcp URL: https://github.com/performancecopilot/grafana-pcp
@ -198,6 +198,14 @@ export GOPATH=%{_builddir}
%changelog %changelog
* Thu Aug 11 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 3.2.0-2
- resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
- resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
- resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
- resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
- resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
- resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
* Fri Nov 12 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 3.2.0-1 * Fri Nov 12 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 3.2.0-1
- update to 3.2.0 tagged upstream community sources, see CHANGELOG - update to 3.2.0 tagged upstream community sources, see CHANGELOG