From 1b67136c2c2289d6490ba0bef79bb255d654f6d8 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 08 2022 06:50:24 +0000 Subject: import grafana-pcp-3.2.0-2.el8 --- diff --git a/SPECS/grafana-pcp.spec b/SPECS/grafana-pcp.spec index 29ddfc0..d44fcbc 100644 --- a/SPECS/grafana-pcp.spec +++ b/SPECS/grafana-pcp.spec @@ -24,7 +24,7 @@ end} Name: grafana-pcp Version: 3.2.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Performance Co-Pilot Grafana Plugin License: ASL 2.0 URL: https://github.com/performancecopilot/grafana-pcp @@ -198,6 +198,14 @@ export GOPATH=%{_builddir} %changelog +* Wed Aug 10 2022 Andreas Gerstmayr 3.2.0-2 +- resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header +- resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working +- resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read +- resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob +- resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob +- resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode + * Fri Nov 12 2021 Andreas Gerstmayr 3.2.0-1 - update to 3.2.0 tagged upstream community sources, see CHANGELOG