Are older versions vulnerabilities patched?

When downloading grafana 5.1 as deb package from the official download site and therefore not from github, are the vulnerablities still there or have you patched them retrospectively?

Thank you

Hi csh0tpwn,
the grafana team normally implements security patches for versions 4.X and 5.X
But version 5.1 is not the most up to date, you should use 5.4.4

So this means grafana 5.1 is still vulnerable to Grafana 5.2.3 and 4.6.4 Security Update even if it was downloaded from here https://grafana.com/grafana/download/5.1.0?

Yes. If it were modified, it would need a new version number.

Antony.

1 Like