From 77bf3f5babcde90e5f4a0ae2eda51a691463fd99 Mon Sep 17 00:00:00 2001 From: "grafana-delivery-bot[bot]" <132647405+grafana-delivery-bot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 16:50:41 +0200 Subject: [PATCH] Release: update changelog for 11.1.8 (#95161) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Update changelog * Fix changelog --------- Co-authored-by: github-actions[bot] Co-authored-by: Piotr Jamróz --- CHANGELOG.md | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 022ce59bba2..5e6b3ae434a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,3 @@ - - -# 11.1.7+security-01 (2024-10-17) - -### Bug fixes - -- **SQL Expressions**: Fixes CVE-2024-9264 - - # 11.2.2+security-01 (2024-10-17) @@ -27,6 +18,27 @@ - **SQL Expressions**: Fixes CVE-2024-9264 + + +# 11.1.8 (2024-10-22) + +### Bug fixes + +- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93948](https://github.com/grafana/grafana/pull/93948), [@alexweav](https://github.com/alexweav) +- **AzureMonitor:** Fix App Insights portal URL for multi-resource trace queries [#94474](https://github.com/grafana/grafana/pull/94474), [@aangelisc](https://github.com/aangelisc) +- **OrgSync:** Do not set default Organization for a user to a non-existent Organization [#94551](https://github.com/grafana/grafana/pull/94551), [@mgyongyosi](https://github.com/mgyongyosi) +- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94969](https://github.com/grafana/grafana/pull/94969), [@scottlepp](https://github.com/scottlepp) + + + + +# 11.1.7+security-01 (2024-10-17) + +### Bug fixes + +- **SQL Expressions**: Fixes CVE-2024-9264 + + # 11.1.6+security-01 (2024-10-17)