Release date:
2026-06-10 12:19:00 UTC
Description:
- CVE-2026-33376: fix auth proxy IPv6 allow-list bypass (use /128 mask for IPv6, not /32)
- CVE-2026-33377: fix dashboard import privilege escalation (set default dashboard
permissions only for newly created dashboards, not when overwriting an existing one)
Updated packages:
-
grafana-9.0.9-4.el9_2.alma.1.tuxcare.els17.x86_64.rpm
sha:6d71da31f471bf818886e44bfb81c8df549e1f2d0b18c22621f531f4606938d3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
