Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package grafana for openSUSE:Factory checked
in at 2025-07-23 16:34:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/grafana (Old)
and /work/SRC/openSUSE:Factory/.grafana.new.8875 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "grafana"
Wed Jul 23 16:34:57 2025 rev:77 rq:1295180 version:11.6.3+security01
Changes:
--------
--- /work/SRC/openSUSE:Factory/grafana/grafana.changes 2025-07-18
15:59:51.081781910 +0200
+++ /work/SRC/openSUSE:Factory/.grafana.new.8875/grafana.changes
2025-07-23 16:36:48.487812274 +0200
@@ -1,0 +2,17 @@
+Tue Jul 22 13:10:21 UTC 2025 - Witek Bedyk <witold.be...@suse.com>
+
+- Update to version 11.6.3+security-01:
+ Security:
+ CVE-2025-6023: Fix cross-site-scripting via scripted dashboards
+ (bsc#1246735)
+ CVE-2025-6197: Fix open redirect in organization switching
+ (bsc#1246736)
+ Features and enhancements:
+ * Profiles: Stop passing response headers for Grafana-Pyroscope
+ and parca datasources.
+ Bug fixes:
+ * FlameGraph: Fix bug for function names that conflict with
+ JavaScript object prototype properties.
+- Require Go 1.24 for building
+
+-------------------------------------------------------------------
@@ -9521,0 +9539 @@
+-------------------------------------------------------------------
Old:
----
grafana-11.6.3.tar.gz
New:
----
grafana-11.6.3+security01.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ grafana.spec ++++++
--- /var/tmp/diff_new_pack.0mUXHp/_old 2025-07-23 16:36:51.627934541 +0200
+++ /var/tmp/diff_new_pack.0mUXHp/_new 2025-07-23 16:36:51.631934697 +0200
@@ -22,7 +22,7 @@
%endif
Name: grafana
-Version: 11.6.3
+Version: 11.6.3+security01
Release: 0
Summary: The open-source platform for monitoring and observability
License: AGPL-3.0-only
@@ -40,7 +40,7 @@
BuildRequires: fdupes
BuildRequires: git-core
BuildRequires: wire
-BuildRequires: golang(API) >= 1.23.7
+BuildRequires: golang(API) >= 1.24
Requires(post): %fillup_prereq
Requires: group(grafana)
Requires: user(grafana)
++++++ _service ++++++
--- /var/tmp/diff_new_pack.0mUXHp/_old 2025-07-23 16:36:51.699937345 +0200
+++ /var/tmp/diff_new_pack.0mUXHp/_new 2025-07-23 16:36:51.703937500 +0200
@@ -4,8 +4,9 @@
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="versionformat">@PARENT_TAG@</param>
- <param name="versionrewrite-pattern">v(.*)</param>
- <param name="revision">v11.6.3</param>
+ <param name="versionrewrite-pattern">v(.*)-(.*)</param>
+ <param name="versionrewrite-replacement">\1\2</param>
+ <param name="revision">v11.6.3+security-01</param>
</service>
<service name="recompress" mode="manual">
<param name="compression">gz</param>
@@ -13,6 +14,7 @@
</service>
<service name="set_version" mode="manual">
<param name="basename">grafana</param>
+ <param name="version">11.6.3+security01</param>
</service>
</services>
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/grafana/vendor.tar.gz
/work/SRC/openSUSE:Factory/.grafana.new.8875/vendor.tar.gz differ: char 5, line
1
