Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-10007

Опубликовано: 22 нояб. 2022
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2022-10007: pcs security update (MODERATE)

[0.11.3-4]

  • Fixed ruby socket permissions
  • Resolves: rhbz#2116841

[0.11.3-3]

  • Fixed booth ticket mode value case insensitive
  • Fixed booth sync check whether /etc/booth exists
  • Resolves: rhbz#2026725 rhbz#2058243

[0.11.3-2]

  • Fixed 'pcs resource restart' traceback
  • Resolves: rhbz#2102663

[0.11.3-1]

  • Rebased to latest upstream sources (see CHANGELOG.md)
  • Updated pcs-web-ui
  • Updated bundled rubygems: rack
  • Resolves: rhbz#2059122 rhbz#2059177 rhbz#2059501 rhbz#2095695 rhbz#2096886 rhbz#2097730 rhbz#2097731 rhbz#2097732 rhbz#2097733 rhbz#2097778

[0.11.2-1]

  • Rebased to latest upstream sources (see CHANGELOG.md)
  • Updated pcs-web-ui
  • Updated bundled rubygems: backports, daemons, ethon ffi, ruby2_keywords, thin
  • Stopped bundling rubygem-rexml (use distribution package instead)
  • Resolves: rhbz#1301204 rhbz#2024522 rhbz#2026725 rhbz#2029844 rhbz#2039884 rhbz#2053177 rhbz#2054671 rhbz#2058243 rhbz#2058246 rhbz#2058247 rhbz#2058251 rhbz#2058252 rhbz#2059142 rhbz#2059145 rhbz#2059148 rhbz#2059149 rhbz#2059501 rhbz#2064818 rhbz#2068457 rhbz#2076585

[0.11.1-11]

  • Updated bundled rubygems: sinatra, rack-protection
  • Resolves: rhbz#2081334

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

pcs

0.11.3-4.el9

pcs-snmp

0.11.3-4.el9

Oracle Linux x86_64

pcs

0.11.3-4.el9

pcs-snmp

0.11.3-4.el9

Связанные CVE

CVE-2022-1049

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2022-1049

CVSS3: 8.8
ubuntu
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

redhat логотип

CVE-2022-1049

CVSS3: 6.3
redhat
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

nvd логотип

CVE-2022-1049

CVSS3: 8.8
nvd
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

debian логотип

CVE-2022-1049

CVSS3: 8.8
debian
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs da ...

github логотип

GHSA-hhh9-rwf2-2pp5

CVSS3: 8.8
github
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.