Description
ELSA-2019-2285: keepalived security and bug fix update (MODERATE)
[1.3.5-16]
- Rework previous misc_script/vrrp_script patch (#1667292)
[1.3.5-15]
- Rework previous checker comparison patch (#1715308)
[1.3.5-14]
- Make checker variables non global (#1715308)
[1.3.5-13]
- Fix comparison of checkers on reload (#1715308)
[1.3.5-12]
- Fix build errors (#1678480)
[1.3.5-11]
- Fix problems with health checks & real servers after reload/restart (#1678480)
[1.3.5-10]
- Fix vrrp_script and check_misc scripts of type '</dev/tcp/127.0.0.1/80' (#1667292)
[1.3.5-9]
- Fix improper pathname validation (#1654301)
Updated packages
Oracle Linux 7
Oracle Linux aarch64
keepalived
1.3.5-16.el7
Oracle Linux x86_64
keepalived
1.3.5-16.el7
Related CVEs
Related vulnerabilities
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd.