pacemaker (SL7)

Synopsis: Important: pacemaker security update
Advisory ID: SLSA-2019:1278-1
Issue Date: 2019-05-28
CVE Numbers: None

Security Fix(es):

* pacemaker: Insufficient local IPC client-server authentication on the
client’s side can lead to local privesc (CVE-2018-16877)

* pacemaker: Insufficient verification inflicted preference of uncontrolled
processes can lead to DoS (CVE-2018-16878)

* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)

SL7
x86_64
pacemaker-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-cli-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-cluster-libs-1.1.19-8.el7_6.5.i686.rpm
pacemaker-cluster-libs-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-cts-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-debuginfo-1.1.19-8.el7_6.5.i686.rpm
pacemaker-debuginfo-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-doc-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-libs-1.1.19-8.el7_6.5.i686.rpm
pacemaker-libs-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-libs-devel-1.1.19-8.el7_6.5.i686.rpm
pacemaker-libs-devel-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-nagios-plugins-metadata-1.1.19-8.el7_6.5.x86_64.rpm
pacemaker-remote-1.1.19-8.el7_6.5.x86_64.rpm

– Scientific Linux Development Team