pcs-0.11.10-1.el9_7.2.ML.1

エラータID: AXSA:2026-174:02

リリース日: 
2026/02/13 Friday - 17:05
題名: 
pcs-0.11.10-1.el9_7.2.ML.1
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

* lodash: prototype pollution in _.unset and _.omit functions (CVE-2025-13465)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-13465
Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original behavior. This issue is patched on 4.17.23

解決策: 

Update packages.

CVE: 
CVE-2025-13465
Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original behavior. This issue is patched on 4.17.23
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. pcs-0.11.10-1.el9_7.2.ML.1.src.rpm
    MD5: 377ba9568e5d85e13201bde413049f8e
    SHA-256: b1f93a011617b23bdb723e11ce87d00ba9a8bb0004ba9db7f01665e09ca590be
    Size: 35.52 MB

Asianux Server 9 for x86_64
  1. pcs-0.11.10-1.el9_7.2.ML.1.x86_64.rpm
    MD5: 6b14947103ec73c8a4621b2dc7e4d36d
    SHA-256: b1f339bdd7d96ff48e24b1658e9b0174ee222f9c999f93db014fa49ce9555f5f
    Size: 4.61 MB
  2. pcs-snmp-0.11.10-1.el9_7.2.ML.1.x86_64.rpm
    MD5: 05aba5c12e0a14f34647b5dd1a84feea
    SHA-256: 67b9d8f72a8d2661a93d6e557ef402fe32d7566f58ba6b92aa1d135a511074a4
    Size: 70.44 kB