I checked recent security release
// Sorry I can not use several links because of my rank
Release 9.3.0, latest release with security patch:
Release 9.2.7, last 9.2 patch with security fix:
Stored XSS in Grafana Alerting (CVE-2022-31097)
9.1.0-beta1 → 9.3.0-beta1
2022-11-28 11:47 PRs submitted for fix with backports to 9.1 and 9.2
From : ttps://grafana.com/blog/2022/11/29/grafana-security-release-new-versions-with-high-severity-security-fix-for-cve-2022-31097/
Maybe 9.1.x is released soon ??
Since this vulnerability is a regression, 8.5.x will not be released.
Release 9.2.4, latest patch, also containing security fix:
Release 8.5.15, only containing security fix:
From : ttps://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/
9.1.x seemed not released
Latest minor version of last 2 major versions are supported ??
Release 9.2, latest release with security fi
Release 9.1.8, only containing security fix
Release 8.5.14, only containing security fix
(upstream 9.2 and) latest minor version of last 2 major versions are supported ??
We are also releasing security releases for Grafana 9.0.8, 8.5.11, 8.4.11 and 8.3.11
From : ttps://grafana.com/blog/2022/08/30/security-release-new-versions-of-grafana-and-grafana-image-renderer-with-a-high-severity-security-fix-for-cve-2022-31176/
Many backport relese …
I can’t understand backport support policy