according to grafana: https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/
it was the security fix CSRF (CVE-2022-21703) for version 7.5.15 and 8.3.5. As ovirt engine uses httpd as reverse proxy and the grafana V. 7.5.15: ****** # grafana-server -v Version 7.5.15 (commit: NA, branch: master) ****** the described configuration of "ProxyPreserveHost" for Host header is needed! Can the dev. team take this configuration to /etc/httpd/conf.d/ovirt-engine-grafana-proxy.conf for the next update? It is not the option to change the default config after every update. _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/HBVS4U2NK5XWPGCNOHCZLMUL544ZZI36/
