Diffusion FreeBSD ports repository 28823d911577

www/grafana{8,9}: Update to 8.5.15 and 9.2.4 (fixes security vulnerabilities)
28823d911577
Actions

Description

www/grafana{8,9}: Update to 8.5.15 and 9.2.4 (fixes security vulnerabilities)

CVE-2022-31123 - Plugin signature bypass
CVE-2022-31130 - Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
CVE-2022-39201 - Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
CVE-2022-39229 - Improper authentication
CVE-2022-39306 - Privilege escalation
CVE-2022-39307 - Username enumeration
CVE-2022-39328 - Privilege escalation (Critical)

https://grafana.com/blog/2022/10/12/grafana-security-releases-new-versions-with-fixes-for-cve-2022-39229-cve-2022-39201-cve-2022-31130-cve-2022-31123/

https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/

ChangeLog: https://github.com/grafana/grafana/releases/tag/v8.5.15

		https://github.com/grafana/grafana/releases/tag/v9.2.2
		https://github.com/grafana/grafana/releases/tag/v9.2.3
		https://github.com/grafana/grafana/releases/tag/v9.2.4

PR: 267728
MFH: 2022Q4
Security: 0a80f159-629b-11ed-9ca2-6c3be5272acd

		6eb6a442-629a-11ed-9ca2-6c3be5272acd
		db895ed0-6298-11ed-9ca2-6c3be5272acd
		4e60d660-6298-11ed-9ca2-6c3be5272acd
		6f6c9420-6297-11ed-9ca2-6c3be5272acd
		6877e164-6296-11ed-9ca2-6c3be5272acd
		909a80ba-6294-11ed-9ca2-6c3be5272acd

(cherry picked from commit c01da721e69d9ae724afef61bdb196543c86a461)