pcs-0.11.3-4.el9.ML.1

Release date:

Wednesday, February 1, 2023 - 04:37

Subject:

Affected Channels:

MIRACLE LINUX 9 for x86_64

Severity:

Moderate

Description:

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

* pcs: improper authentication via PAM (CVE-2022-1049)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-1049
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

Solution:

Update packages.

CVEs:

CVE-2022-1049
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

Additional Info:

N/A

Download:

SRPMS

pcs-0.11.3-4.el9.ML.1.src.rpm
MD5: 439273bbe743312f603e64499a27734d
SHA-256: 0d74ac0cc8977016d43e9faee935c76e54991399a282295bb48074d8124eb2c3
Size: 64.91 MB

Asianux Server 9 for x86_64

pcs-0.11.3-4.el9.ML.1.x86_64.rpm
MD5: 0081f0381417e58688ba5b53c8f45aa9
SHA-256: 0843981f80037ef2c6388f09337bc40477a463b2874b1bc9a70620541354d7a2
Size: 7.86 MB
pcs-0.11.3-4.el9.ML.1.x86_64.rpm
MD5: 0081f0381417e58688ba5b53c8f45aa9
SHA-256: 0843981f80037ef2c6388f09337bc40477a463b2874b1bc9a70620541354d7a2
Size: 7.86 MB
pcs-snmp-0.11.3-4.el9.ML.1.x86_64.rpm
MD5: 2010a3ca6a8af773341fbbb12eebf6fe
SHA-256: f16e112392cba227fd4fad7b73ba49c13d10a188c9d57bd1c05a684614d62d55
Size: 60.73 kB
pcs-snmp-0.11.3-4.el9.ML.1.x86_64.rpm
MD5: 2010a3ca6a8af773341fbbb12eebf6fe
SHA-256: f16e112392cba227fd4fad7b73ba49c13d10a188c9d57bd1c05a684614d62d55
Size: 60.73 kB

Main menu

You are here