keepalived-2.1.5-8.el8.ML.1
エラータID: AXSA:2022-3396:02
The keepalived utility provides simple and robust facilities for load balancing
and high availability. The load balancing framework relies on the well-known and
widely used IP Virtual Server (IPVS) kernel module providing layer-4 (transport
layer) load balancing. Keepalived implements a set of checkers to dynamically
and adaptively maintain and manage a load balanced server pool according to the
health of the servers. Keepalived also implements the Virtual Router Redundancy
Protocol (VRRPv2) to achieve high availability with director failover.
Security Fix(es):
* keepalived: dbus access control bypass (CVE-2021-44225)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Additional Changes:
Bug fix(es):
Update the version to 2.1.5-8.el8.ML.1
CVE-2021-44225
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the
message destination, allowing any user to inspect and manipulate any property.
This leads to access-control bypass in some situations in which an unrelated
D-Bus system service has a settable (writable) property
Update packages.
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property
N/A
SRPMS
- keepalived-2.1.5-8.el8.ML.1.src.rpm
MD5: d7dbf114ae502443d25671ad1d39ccb7
SHA-256: 64554ac54d0ce831eb9c230785a7906ec053f208e67dcc56c953f41cd8509d2a
Size: 1.06 MB
Asianux Server 8 for x86_64
- keepalived-2.1.5-8.el8.ML.1.x86_64.rpm
MD5: e567ce944f1ea1e116492886fafe813e
SHA-256: 092851ea8c879ca9bac75a55162921da68a5d7e6fe128a39e6cea2917626ebcd
Size: 535.52 kB
日本語