Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 9 Type: Security Severity: Moderate Release date: 2024-11-19 Summary: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788) * golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789) * golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790) * go-retryable[http:](http:) url might write sensitive information to log file (CVE-2024-6104) * net/[http:](http:) Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2024-9115.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team