Re: Grafana version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jeremy,

Thanks for the heads up!

I cannot open the provided links.

AFAIK you can set a custom grafana image by running:

ceph config set mgr mgr/cephadm/container_image_grafana <url-to-your-image>

and then re-deploying the service. Plase see:
https://docs.ceph.com/en/pacific/cephadm/services/monitoring/#using-custom-images

Regards,

On Tue, Jan 4, 2022 at 4:14 AM Jeremy Hansen <jeremy@xxxxxxxxxx> wrote:

> I’m running 16.2.7 Pacific with Cephadm. Is there a way to upgrade an
> individual component without breaking orchestration? I’m just trying to
> clean up security issues and my scanner found problems with the version of
> Grafana Ceph deploys:
>
> CVE
> CVE-2021-28148 (https://gsa.la1.clx.corp/cve/CVE-2021-28148)
>
> CERT
>
> DFN-CERT-2021-1741 (
> https://gsa.la1.clx.corp/dfncert/DFN-CERT-2021-1741)DFN-CERT-2021-1739 (
> https://gsa.la1.clx.corp/dfncert/DFN-CERT-2021-1739)CB-K21/0293 (
> https://gsa.la1.clx.corp/certbund/CB-K21%2F0293)
>
> Summary
> Grafana is prone to a denial of service (DoS) vulnerability.
>
> Detection Result
> Installed version: 6.7.4 Fixed version: 6.7.6 Installation path / port: /
>
> Thanks
> -jeremy
>
> _______________________________________________
> ceph-users mailing list -- ceph-users@xxxxxxx
> To unsubscribe send an email to ceph-users-leave@xxxxxxx
>


-- 

Alfonso Martínez

Senior Software Engineer, Ceph Storage

Red Hat <https://www.redhat.com>
<https://red.ht/sig>
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx




[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux