pacemaker-1.1.19-8.el7.5
エラータID: AXSA:2019-3935:04
The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures.
Security Fix(es):
* pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)
* pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)
* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-16877
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
CVE-2018-16878
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
CVE-2019-3885
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
Update packages.
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
N/A
SRPMS
- pacemaker-1.1.19-8.el7.5.src.rpm
MD5: 429e8dedd63b46d8d7652ac48f5311b4
SHA-256: b332fba077c691256da8b858261153f4b2cf89ff88f91215cabbf6fa667172bd
Size: 5.83 MB
Asianux Server 7 for x86_64
- pacemaker-1.1.19-8.el7.5.x86_64.rpm
MD5: ca0575016ebba9ebc854f5ed3f3ab9ce
SHA-256: b6f6536a4065b8587b580bc884af709439fca9dfd3f649f68a370192616d88cf
Size: 463.02 kB - pacemaker-cli-1.1.19-8.el7.5.x86_64.rpm
MD5: 9855393c15f69b9f6e717d8d8f3e14cc
SHA-256: 2e4b1574278113e98df4dfc80f381c0806c9a3033ee1ccd38ce769a3c6348f9c
Size: 350.50 kB - pacemaker-cluster-libs-1.1.19-8.el7.5.x86_64.rpm
MD5: 88513bbd24f0d8c9dacc2d04431a8fbc
SHA-256: 7935569553242c955701de0653fcfd320a5efe64d8d669d5c5f853bb38113b56
Size: 155.97 kB - pacemaker-cts-1.1.19-8.el7.5.x86_64.rpm
MD5: cadda1f6be63b628405725bc0ae5a916
SHA-256: 1b5bdc2823a6cd9a406e07e80d552260da01abd3208b0d10122d9df9fc92ddd9
Size: 288.68 kB - pacemaker-doc-1.1.19-8.el7.5.x86_64.rpm
MD5: 3aeaeffd959022d5023d910f524d7a9a
SHA-256: aef83b15cb244c098861535be8def246c4d2ebcc1fcb751d015ad1085c4624d7
Size: 87.45 kB - pacemaker-libs-1.1.19-8.el7.5.x86_64.rpm
MD5: b06a995780cf82a9e4546f27e4d7297e
SHA-256: 5364e6ea8c1f8245d67f145232539cf8dc5a808d8d4ee1accc43eb6d1bc3bbcd
Size: 625.68 kB - pacemaker-libs-devel-1.1.19-8.el7.5.x86_64.rpm
MD5: b26148ed593ebab9b823637b596142cc
SHA-256: 0f54105eb4c996b63f75277f5d8d289b85a17f23939828beed3e5559c220bd55
Size: 1.82 MB - pacemaker-nagios-plugins-metadata-1.1.19-8.el7.5.x86_64.rpm
MD5: 0d6dfcefb8087c0699266a90e5254c45
SHA-256: 919c2d224f8ab25a0056b8cff57cdd565aacd56dd00f2f5fcfda54c7a0766e8c
Size: 64.36 kB - pacemaker-remote-1.1.19-8.el7.5.x86_64.rpm
MD5: c73a71c1d08f6c52ac05fcbf41a0cb47
SHA-256: e8a2b3c297705abbc43c7fa0509095b37bdf2cb3cde538f7fbee60d7723107bd
Size: 150.64 kB - pacemaker-cluster-libs-1.1.19-8.el7.5.i686.rpm
MD5: 97ea394f0b8a74b47d0aaaa9b6b3f242
SHA-256: 2d8ad3e3ee96c817ac8f3db4aa9a7cf49460337aa5edf2f4e643ee2b1ecf9d23
Size: 154.72 kB - pacemaker-libs-1.1.19-8.el7.5.i686.rpm
MD5: f8a650d7ff648b1500162581a7f2f66e
SHA-256: cdb8c378e23c0c1505aeceb6119fcfa557a1a63a6871e47ceb4a28890cfad25f
Size: 597.87 kB - pacemaker-libs-devel-1.1.19-8.el7.5.i686.rpm
MD5: f3f4873e7b18c11d7a63def75fe0dd1b
SHA-256: e7ab8ea2762aa6a039ee9a0c96636e4b56a8aa1d82bf96d8a08092a996ecd1cb
Size: 1.81 MB