From 58a1bf4a62993c74560a0239c7a2dc9454319a1c Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Tue, 24 Sep 2024 03:30:58 +0300 Subject: [PATCH] import grafana-9.2.10-17.el9_4 --- SOURCES/1002-vendor-use-pbkdf2-from-OpenSSL.patch | 4 ++-- SPECS/grafana.spec | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/SOURCES/1002-vendor-use-pbkdf2-from-OpenSSL.patch b/SOURCES/1002-vendor-use-pbkdf2-from-OpenSSL.patch index 48a4536..aa4b421 100644 --- a/SOURCES/1002-vendor-use-pbkdf2-from-OpenSSL.patch +++ b/SOURCES/1002-vendor-use-pbkdf2-from-OpenSSL.patch @@ -2,7 +2,7 @@ use pbkdf2 from OpenSSL if FIPS mode is enabled This patch modifies the x/crypto/pbkdf2 function to use OpenSSL if FIPS mode is enabled. -DEFINEFUNC is from /usr/lib/golang/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h +DEFINEFUNC is from /usr/lib/golang/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h diff --git a/vendor/golang.org/x/crypto/internal/boring/boring.go b/vendor/golang.org/x/crypto/internal/boring/boring.go new file mode 100644 @@ -112,7 +112,7 @@ index 0000000000..6dfdf10424 --- /dev/null +++ b/vendor/golang.org/x/crypto/internal/boring/openssl_pbkdf2.h @@ -0,0 +1,5 @@ -+#include "/usr/lib/golang/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h" ++#include "/usr/lib/golang/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h" + +DEFINEFUNC(int, PKCS5_PBKDF2_HMAC, + (const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, EVP_MD *digest, int keylen, unsigned char *out), diff --git a/SPECS/grafana.spec b/SPECS/grafana.spec index 8e8b879..903fec0 100644 --- a/SPECS/grafana.spec +++ b/SPECS/grafana.spec @@ -25,7 +25,7 @@ end} Name: grafana Version: 9.2.10 -Release: 16%{?dist} +Release: 17%{?dist} Summary: Metrics dashboard and graph editor License: AGPL-3.0-only URL: https://grafana.org 
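Review bot: The `#include` in `openssl_pbkdf2.h` (second hunk of `1002-vendor-use-pbkdf2-from-OpenSSL.patch`) is an absolute path into the build host's Go toolchain, so the FIPS PBKDF2 binding is compiled against whichever `goopenssl.h` the installed golang package ships. Nothing visible in this diff ties the build to a toolchain that already has the new `golang-fips/openssl/openssl/` layout. Consider a versioned build dependency in `grafana.spec`, for example `BuildRequires: golang >= <MIN_GOLANG_VERSION>` (placeholder; the existing BuildRequires lines are outside this diff), plus a one-line comment above the include naming the package that owns the header. The same pin would also back the changelog's CVE-2024-34156 entry, because no Grafana source changes in this commit and the fix presumably arrives only through the toolchain used for the rebuild.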
@@ -1010,6 +1010,9 @@ fi %{_datadir}/selinux/*/grafana.pp %changelog +* Tue Sep 17 2024 Sam Feifer 9.2.10-17 +- Resolves RHEL-57925: CVE-2024-34156 + * Tue Apr 16 2024 Sam Feifer 9.2.10-16 - Check OrdID is correct before deleting snapshot - fix CVE-2024-1313