Package glances: Information

    Source package: glances
    Version: 4.5.4-alt1
    Build time:  Apr 21, 2026, 01:05 PM
    Category: Monitoring
    Report package bug
    Home page: https://github.com/nicolargo/glances
    License: GPLv3
    Summary: CLI curses based monitoring tool
    Description: 
    Glances is a CLI curses based monitoring tool for both GNU/Linux and BSD.

Glances uses the PsUtil library to get information from your system.
    List of RPM packages built from this SRPM:
    glances (noarch)
    glances-webserver (noarch)
    python3-module-glances (noarch)
    Maintainer: Egor Ignatov
    List of contributors:
    Egor Ignatov
    Michael Shigorin
    Stanislav Levin
    Alexander Kuznetsov
    Andrey Bychkov
    Gleb Fotengauer-Malinovskiy
      1. /proc
      2. python3-module-dateutil
      3. python3-module-defusedxml
      4. python3-module-fastapi
      5. python3-module-jinja2
      6. python3-module-psutil
      7. python3-module-pyproject-installer >= 0.4.0
      8. python3-module-pytest
      9. python3-module-pytest
      10. python3-module-selenium
      11. python3-module-setuptools
      12. python3-module-ujson
      13. python3-module-uvicorn
      14. python3-module-wheel
      15. rpm-build-python3

    Last changed

    April 21, 2026 Egor Ignatov 4.5.4-alt1
    - New version 4.5.4.
    March 31, 2026 Egor Ignatov 4.5.3-alt1
    - New version 4.5.3.
- Fixes:
  + CVE-2026-30928 Unauthenticated Configuration Secrets Exposure via /api/4/config
  + CVE-2026-30930 SQL Injection via Process Names in TimescaleDB Export
  + CVE-2026-32596 REST API Exposed Without Authentication by Default
  + CVE-2026-32608 Command Injection via Process Names in Action Command Templates
  + CVE-2026-32609 Incomplete Secrets Redaction on /api/v4/args Endpoint
  + CVE-2026-32610 Cross-Origin Credential Theft via Default CORS Configuration
  + CVE-2026-32611 SQL Injection in DuckDB Export via Unparameterized DDL Statements
  + CVE-2026-32632 DNS Rebinding via Missing Host Validation in REST/WebUI
  + CVE-2026-32633 Browser API Exposes Reusable Downstream Credentials via /api/4/serverslist
  + CVE-2026-32634 Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers
  + CVE-2026-33533 Cross-Origin System Information Disclosure via XML-RPC Server CORS Wildcard
  + CVE-2026-33641 Command Injection via Dynamic Configuration Values
    Aug. 15, 2025 Michael Shigorin 4.3.0.8-alt1.2
    - NMU: disable webserver on e2k due to uvicorn being missing
    VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
    Version: v26.6.1
    Back to top