Hi, this should already be fixed by https://github.com/oVirt/ovirt-dwh/pull/38 included in ovirt-engine-dwh-4.5.3, which should be part of upcoming oVirt 4.5.1 release. Regards, Martin On Tue, Jun 14, 2022 at 1:20 PM Igor Davidoff <igor.davidoff@cloudkleyer.de> wrote:
according to grafana:
https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-m...
it was the security fix CSRF (CVE-2022-21703) for version 7.5.15 and 8.3.5. As ovirt engine uses httpd as reverse proxy and the grafana V. 7.5.15: ****** # grafana-server -v Version 7.5.15 (commit: NA, branch: master) ****** the described configuration of "ProxyPreserveHost" for Host header is needed!
Can the dev. team take this configuration to /etc/httpd/conf.d/ovirt-engine-grafana-proxy.conf for the next update?
It is not the option to change the default config after every update. _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/HBVS4U2NK5XWPG...
-- Martin Perina Manager, Software Engineering Red Hat Czech s.r.o.