Hello, I was wondering if there were an established channel/feed to get security announcements regarding Grafana Loki, the Docker driver, and possibly other softwares developed by the project.
I found Security Announcements - Grafana Labs Community Forums but I’m unsure if it’s exclusively for Grafana (the observability platform). Currently all topics in that category are, but maybe there just never were announcements regarding the other softwares that required it.
I’m aware that, if applicable, security fixes are usually listed in release notes, e.g. in Release v2.4.0 · grafana/loki · GitHub , but one might wish for a restricted feed of truly important issues that doesn’t always require careful review of releases, just like the mentioned category for Grafana.
I’ve now also found Security blog posts | Grafana Labs which seems to contain the posts of the aforementioned category and more, such as posts discussing the impact of important new vulnerabilities on Grafana, but I’d still appreciate confirmation as to which of these 2 do, (if the case) refer to all Grafana products.