pcs-0.11.3-4.el9.3.ML.1
エラータID: AXSA:2023-5266:07
Release date:
Wednesday, April 5, 2023 - 09:52
Subject:
pcs-0.11.3-4.el9.3.ML.1
Affected Channels:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* webpack: avoid cross-realm objects (CVE-2023-28154)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-28154
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.
Solution:
Update packages.
CVEs:
CVE-2023-28154
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.
Additional Info:
N/A
Download:
SRPMS
- pcs-0.11.3-4.el9.3.ML.1.src.rpm
MD5: 4c485dbcdf5cd511894f5170e6f364e0
SHA-256: 2b3a5d8cfc9fc6f78c7d592597ce1305fd053dd38ea4a8238949b539e2e1be8f
Size: 64.91 MB
Asianux Server 9 for x86_64
- pcs-0.11.3-4.el9.3.ML.1.x86_64.rpm
MD5: 632ccb0048d8ccf665321df9cb2464a8
SHA-256: 6351d129f11c300adda89183eac153ca4b34f49696a7eaf320a1ebea6ca60119
Size: 7.86 MB - pcs-snmp-0.11.3-4.el9.3.ML.1.x86_64.rpm
MD5: 166c5ac339aa12acd241e72aa551a490
SHA-256: b3aa13b9cb944ce13d6e59288e3242e383aaaa4dbcbc6e0eed802c5781c44c6c
Size: 60.71 kB
日本語