Red Hat Product Errata
RHSA-2026:8949 - Security Advisory

Issued: 2026-04-20
Updated: 2026-04-20

Synopsis

Important: grafana-pcp security update

Type/Severity

Security Advisory: Important

Topic

An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url

CVEs

CVE-2026-25679

References

https://access.redhat.com/security/updates/classification/#important

Updated Packages

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
grafana-pcp-3.2.0-6.el9_0.src.rpm
    SHA-256: 063d49e34507e0e3ccc632c6cdd26278a51d424932fd89e3c3445824dec3e5f7
ppc64le
grafana-pcp-3.2.0-6.el9_0.ppc64le.rpm
    SHA-256: 6c11fee20948357e36946a7671165f8f7d4c6664448c4f7681517f335fd174f0
grafana-pcp-debuginfo-3.2.0-6.el9_0.ppc64le.rpm
    SHA-256: 63d9c2a4a86310c50a5883357229f67203af42dba07b485af4b13e9ec4f79eb6

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
grafana-pcp-3.2.0-6.el9_0.src.rpm
    SHA-256: 063d49e34507e0e3ccc632c6cdd26278a51d424932fd89e3c3445824dec3e5f7
x86_64
grafana-pcp-3.2.0-6.el9_0.x86_64.rpm
    SHA-256: e8d31094b3846cdcf11b00b5efc2420cdf0285b6ab55bafa55b0a596239e2b08
grafana-pcp-debuginfo-3.2.0-6.el9_0.x86_64.rpm
    SHA-256: 5dd2f858687d115c406816f54f374f878c8183ddc1f12dbd143dc66971469855

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0

SRPM
grafana-pcp-3.2.0-6.el9_0.src.rpm
    SHA-256: 063d49e34507e0e3ccc632c6cdd26278a51d424932fd89e3c3445824dec3e5f7
aarch64
grafana-pcp-3.2.0-6.el9_0.aarch64.rpm
    SHA-256: 7112bece3d78e1b7316248a23eaa8f44448d42067714fcf9911e5fa1ac9533a5
grafana-pcp-debuginfo-3.2.0-6.el9_0.aarch64.rpm
    SHA-256: d1fbbd6408cdbbf3f3a0ab6afe643a557d1325fd44cabbc472fedacd5d9aee36

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0

SRPM
grafana-pcp-3.2.0-6.el9_0.src.rpm
    SHA-256: 063d49e34507e0e3ccc632c6cdd26278a51d424932fd89e3c3445824dec3e5f7
s390x
grafana-pcp-3.2.0-6.el9_0.s390x.rpm
    SHA-256: 502f59d09a03454738d6cf736be0c0366c967234bd4c39b58d0796cadc8eab09
grafana-pcp-debuginfo-3.2.0-6.el9_0.s390x.rpm
    SHA-256: e19b2a9370196d0a257b200fbdd0006a58e7c56bfdbdb461b9a0cded6d200490

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

A vulnerability (CVE-2026-25679, CVSS 7.5 HIGH) in the grafana-pcp plugin involves incorrect parsing of IPv6 host literals in the net/url library, which could be exploited through crafted network requests. The security update is rated Important by Red Hat and affects grafana-pcp packages for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. The advisory provides updated packages with specific SHA-256 checksums for multiple architectures to remediate the issue.