Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-10031

Опубликовано: 29 нояб. 2022
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2022-10031: pcs security update (MODERATE)

[0.10.14-5.0.1]

  • Replace HAM-logo.png with a generic one

[0.10.14-5]

  • Fixed ruby socket permissions
  • Resolves: rhbz#2116838

[0.10.14-4]

  • Fixed enable sbd from webui
  • Resolves: rhbz#2117650

[0.10.14-3]

  • Fixed pcs quorum device remove
  • Resolves: rhbz#2115326

[0.10.14-2]

  • Fixed booth ticket mode value case insensitive
  • Fixed booth sync check whether /etc/booth exists
  • Resolves: rhbz#1786964 rhbz#1791670

[0.10.14-1]

  • Rebased to latest upstream sources (see CHANGELOG.md)
  • Updated bundled rubygems: rack
  • Resolves: rhbz#2059500 rhbz#2096787 rhbz#2097383 rhbz#2097391 rhbz#2097392 rhbz#2097393

[0.10.13-1]

  • Rebased to latest upstream sources (see CHANGELOG.md)
  • Updated pcs-web-ui
  • Updated bundled rubygems: backports, daemons, ethon ffi, json, ruby2_keywords, thin
  • Resolves: rhbz#1730232 rhbz#1786964 rhbz#1791661 rhbz#1791670 rhbz#1874624 rhbz#1909904 rhbz#1950551 rhbz#1954099 rhbz#2019894 rhbz#2023845 rhbz#2059500 rhbz#2064805 rhbz#2068456

[0.10.12-7]

  • Updated bundled rubygems: sinatra, rack-protection
  • Resolves: rhbz#2081332

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

pcs

0.10.14-5.0.1.el8

pcs-snmp

0.10.14-5.0.1.el8

Oracle Linux x86_64

pcs

0.10.14-5.0.1.el8

pcs-snmp

0.10.14-5.0.1.el8

Связанные CVE

CVE-2022-1049

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2022-1049

CVSS3: 8.8
ubuntu
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

redhat логотип

CVE-2022-1049

CVSS3: 6.3
redhat
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

nvd логотип

CVE-2022-1049

CVSS3: 8.8
nvd
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

debian логотип

CVE-2022-1049

CVSS3: 8.8
debian
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs da ...

github логотип

GHSA-hhh9-rwf2-2pp5

CVSS3: 8.8
github
больше 3 лет назад

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.