From 7bf826e0d7843069f48f152ae17c814735fee404 Mon Sep 17 00:00:00 2001
From: Sam Feifer
Date: Tue, 16 Apr 2024 10:18:39 -0400
Subject: [PATCH] Resolves: RHEL-24301 Resolves: RHEL-30704 fix: CVE-2024-1313

---
 0013-snapshot-delete-check-org.patch | 21 +++++++++++++++++++++
 grafana.spec | 9 ++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 0013-snapshot-delete-check-org.patch

diff --git a/0013-snapshot-delete-check-org.patch b/0013-snapshot-delete-check-org.patch
new file mode 100644
index 0000000..4211884
--- /dev/null
+++ b/0013-snapshot-delete-check-org.patch
@@ -0,0 +1,21 @@
+From 9c1236ba6e7d4c6506c62adeb830d9e56db7f425 Mon Sep 17 00:00:00 2001
+From: Sam Feifer
+Date: Thu, 28 Mar 2024 13:24:35 -0400
+Subject: [PATCH] snapshot delete check org
+
+
+diff --git a/pkg/api/dashboard_snapshot.go b/pkg/api/dashboard_snapshot.go
+index 47ae50544a..0007e89ccb 100644
+--- a/pkg/api/dashboard_snapshot.go
++++ b/pkg/api/dashboard_snapshot.go
+@@ -328,6 +328,10 @@ func (hs *HTTPServer) DeleteDashboardSnapshot(c *models.ReqContext) response.Res
+ return response.Error(http.StatusNotFound, "Failed to get dashboard snapshot", nil)
+ }
+
++ if query.Result.OrgId != c.OrgID {
++ return response.Error(http.StatusUnauthorized, "OrgID mismatch", nil)
++ }
++
+ if query.Result.External {
+ err := deleteExternalDashboardSnapshot(query.Result.ExternalDeleteUrl)
+ if err != nil {
diff --git a/grafana.spec b/grafana.spec
index 9a842ad..2da3295 100644
--- a/grafana.spec
+++ b/grafana.spec
@@ -35,7 +35,7 @@ end}
 Name: grafana
 Version: 9.2.10
-Release: 15%{?dist}
+Release: 16%{?dist}
 Summary: Metrics dashboard and graph editor
 License: AGPLv3
 URL: https://grafana.org
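Review bot: The new guard in the nested dashboard_snapshot.go hunk answers an organisation mismatch with `http.StatusUnauthorized` and a distinct "OrgID mismatch" message, while the branch just above it returns 404 for an unknown key, so a caller holding a delete key that belongs to another org can tell that the snapshot exists. From a defender's standpoint the two outcomes are best made indistinguishable, e.g. `return response.Error(http.StatusNotFound, "Failed to get dashboard snapshot", nil)`, or at minimum `http.StatusForbidden`, since the request is already authenticated and this is an authorisation failure; if the status is kept deliberately to stay identical with the upstream fix, a one-line comment saying so would help the next backporter. The check is placed before the `query.Result.External` branch, so externally published snapshots are gated as well; `DeleteDashboardSnapshot` begins and ends outside the hunk. Separately, the changelog hunk in grafana.spec credits this release with fixing CVE-2024-1394, which nothing in the code changed by this commit touches, so it is worth confirming that it is covered elsewhere in the build, and `OrdID` there is presumably a typo for `OrgID`.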
@@ -87,6 +87,7 @@ Patch8: 0008-graphite-functions-xss.patch
 Patch10: 0010-skip-tests.patch
 Patch11: 0011-remove-email-lookup.patch
 Patch12: 0012-coredump-selinux-error.patch
+Patch13: 0013-snapshot-delete-check-org.patch
 
 # Patches affecting the vendor tarball
 Patch1001: 1001-vendor-patch-removed-backend-crypto.patch
@@ -773,6 +774,7 @@ cp -p %{SOURCE8} %{SOURCE9} %{SOURCE10} SELinux
 %patch -P 10 -p1
 %patch -P 11 -p1
 %patch -P 12 -p1
+%patch -P 13 -p1
 %patch -P 1001 -p1
 
 %if %{enable_fips_mode}
@@ -1019,6 +1021,11 @@ fi
 %{_datadir}/selinux/*/grafana.pp
 
 %changelog
+* Fri Apr 5 2024 Sam Feifer 9.2.10-16
+- Check OrdID is correct before deleting snapshot
+- fix CVE-2024-1313
+- fix CVE-2024-1394
+
 * Wed Jan 31 2024 Sam Feifer 9.2.10-15
 - Resolves RHEL-23466
 - Resolves RHEL-21027