pacemaker-1.1.14-8.AXS4.2
エラータID: AXSA:2016-869:03
リリース日:
2016/11/08 Tuesday - 21:03
題名:
pacemaker-1.1.14-8.AXS4.2
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
[修正内容]
以下項目について対処しました。
[Security Fix]
- Pacemaker の認証に問題があり, Pacemaker の IPC インターフェー
スを適切に保護していませんでした。攻撃者が Pacemaker ノード上の
権限のないアカウントで Local Resource Manager デーモンにスクリプトを
root 権限で実行し,マシン上で root 権限でアクセスできる権限を得る
脆弱性があります。(CVE-2016-7035)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-7035
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
追加情報:
N/A
ダウンロード:
SRPMS
- pacemaker-1.1.14-8.AXS4.2.src.rpm
MD5: fd0a81c2f3a78ace4e9986449d4e9115
SHA-256: 9913851533d6d9a38ece106ccffa4594099182be0f51854e5b08b4753d4d1ea4
Size: 4.83 MB
Asianux Server 4 for x86
- pacemaker-1.1.14-8.AXS4.2.i686.rpm
MD5: 2bc0b1ee80eca9ef82ccd8755259949f
SHA-256: be41b569aa94e6a58ef984ebec817c2aa9ef09de23cfe32e607c3da69931a201
Size: 450.22 kB - pacemaker-cli-1.1.14-8.AXS4.2.i686.rpm
MD5: 710071bdcc5a98e39753b8e4803dd2ae
SHA-256: 4932f1b2685d9c2940219fc283e37f9c359d9c2c639bc4e3cc14210c0bb9211d
Size: 226.20 kB - pacemaker-cluster-libs-1.1.14-8.AXS4.2.i686.rpm
MD5: 1e9826e95fc62ca0b4120b8f156a683d
SHA-256: cda66d350b9145fb8880a2f2a985e25b2454e3a8715cec64e3afadae29cdcd4d
Size: 81.67 kB - pacemaker-cts-1.1.14-8.AXS4.2.i686.rpm
MD5: dfd6523457a3f769f9bccac8eef42cf8
SHA-256: dd7c4d3ab3cf9bfe95812fd558482e12577568fcf9556de2644b1790251e9fd6
Size: 218.17 kB - pacemaker-doc-1.1.14-8.AXS4.2.i686.rpm
MD5: 0ea54c8a9eb2d144ea94c9d80688a830
SHA-256: 1c780a62ff64914a0977b8539d8636935874e36f13266b21eec4c1fbdcff9bf1
Size: 62.30 kB - pacemaker-libs-1.1.14-8.AXS4.2.i686.rpm
MD5: 987c271d5c697d3a99a42564417a5095
SHA-256: b70952d46607831ef821968964f7392b7427ab63f74513ad2a667b38a08fed46
Size: 462.31 kB - pacemaker-libs-devel-1.1.14-8.AXS4.2.i686.rpm
MD5: 2d62bed2a8a7b90ad330cce646a4b7cb
SHA-256: 76b68a85caa9c6c1ba9557ea57a656092789bf3c75a8ccedae58bb5706a3647b
Size: 1.68 MB
Asianux Server 4 for x86_64
- pacemaker-1.1.14-8.AXS4.2.x86_64.rpm
MD5: d962910fc8c73b7580399dc307b3db8c
SHA-256: 58f63098a7928d7b679472261bd2039322695651a9288d8e6f64586ff53e29fd
Size: 459.96 kB - pacemaker-cli-1.1.14-8.AXS4.2.x86_64.rpm
MD5: 0a89b254c3ad50af29a41571802079d3
SHA-256: c5e57177d7177b3aa1c430c13f7796c3addcb5d2e6bcf3e4da28d100521ddee1
Size: 229.60 kB - pacemaker-cluster-libs-1.1.14-8.AXS4.2.x86_64.rpm
MD5: b0f739713992f4d50b53a7463781f9bc
SHA-256: 1ff573f84f8367820854776c198d310501929475e0c7b63c98128ea27beccad6
Size: 82.79 kB - pacemaker-cts-1.1.14-8.AXS4.2.x86_64.rpm
MD5: ae7ca191b9270e61ec0b1eaccd0d221f
SHA-256: 705c97a8026d224708413822c8de3ce74db4bec420110ed08d67af17e651da19
Size: 218.41 kB - pacemaker-doc-1.1.14-8.AXS4.2.x86_64.rpm
MD5: f1e3e7d0ad6ee7e5f84f2699c668a762
SHA-256: 95ce6996ff73662ab96270ffed086a0083fbb5016670f8fafaeeb69494095048
Size: 61.85 kB - pacemaker-libs-1.1.14-8.AXS4.2.x86_64.rpm
MD5: 4c14947bdcab3276d2ee0be6023c97ce
SHA-256: 84e723aee0c426a069b204c0e217f3803ce093993bde8c06e98b8a5feccfb259
Size: 476.90 kB - pacemaker-libs-devel-1.1.14-8.AXS4.2.x86_64.rpm
MD5: 6b82b094b8251c2fe74ff3763003e63b
SHA-256: d3edc1f2d4479241237e2953df0ca269538a198b2295c47f2b50b96ddd724956
Size: 1.68 MB - pacemaker-cluster-libs-1.1.14-8.AXS4.2.i686.rpm
MD5: 1e9826e95fc62ca0b4120b8f156a683d
SHA-256: cda66d350b9145fb8880a2f2a985e25b2454e3a8715cec64e3afadae29cdcd4d
Size: 81.67 kB - pacemaker-libs-1.1.14-8.AXS4.2.i686.rpm
MD5: 987c271d5c697d3a99a42564417a5095
SHA-256: b70952d46607831ef821968964f7392b7427ab63f74513ad2a667b38a08fed46
Size: 462.31 kB - pacemaker-libs-devel-1.1.14-8.AXS4.2.i686.rpm
MD5: 2d62bed2a8a7b90ad330cce646a4b7cb
SHA-256: 76b68a85caa9c6c1ba9557ea57a656092789bf3c75a8ccedae58bb5706a3647b
Size: 1.68 MB