Page MenuHomePhabricator
Create Task
Maniphest T292614

Upgrade grafana in cloudmetrics
Closed, ResolvedPublic
Actions

Description

moritz let us know that there's a new CVE for which our grafana instances are affected.

https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/

the fixed 8.1.6 package is already on apt.wikimedia.org, so it means that we need to upgrade.

Related Objects

Event Timeline

dcaro created this task.Oct 6 2021, 8:24 AM
dcaro triaged this task as High priority.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 6 2021, 8:24 AM
dcaro added a project: cloud-services-team (FY2021/2022-Q3).Oct 6 2021, 8:25 AM

We might want to upgrade to grafana 8 at the same time

dcaro removed dcaro as the assignee of this task.Oct 6 2021, 8:26 AM
dcaro updated the task description. (Show Details)
dcaro closed this task as Resolved.Oct 6 2021, 9:43 AM
dcaro claimed this task.
dcaro moved this task from To refine to Done on the User-dcaro board.
dcaro added a subscriber: MoritzMuehlenhoff.Oct 6 2021, 9:46 AM

Given that grafana 8 upgrade has still some things to figure out (T282863) I (with handholding by @MoritzMuehlenhoff) have downgraded the wikimedia repos grafana package to 7.5 and upgraded our clodmetrics hosts with that version.

Stashbot added a comment.Oct 6 2021, 9:47 AM

Mentioned in SAL (#wikimedia-cloud) [2021-10-06T09:47:05Z] <dcaro> upgraded cloudmetrics to grafana 7.5 (T292614)

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits