Change8

v11.5.3+security-01

📦 grafanaView on GitHub →
🐛 9 fixes

Summary

This security release updates the underlying Go version to 1.23.7 and addresses several bugs across Alerting, Authentication, Dashboards, and fixes critical security vulnerabilities.

🐛 Bug Fixes

  • Fixed token-based Slack image upload to work correctly with channel names in Alerting.
  • Resolved an issue where the AzureAD configuration UI's ClientAuthentication dropdown was incorrect.
  • Fixed unintentional time range and variables updates occurring upon saving Dashboards.
  • Restored missing 'v/e/i' keybindings to allow returning to the dashboard.
  • Improved handling of template variables contained within regular expressions for InfluxQL data sources.
  • Fixed a page crash issue when testing LDAP configurations.
  • Corrected linking behavior between organizations in Org redirection.
  • Patched security vulnerability CVE-2025-3454.
  • Patched security vulnerability CVE-2025-2703.