Описание
ELSA-2022-7343: pcs security update (IMPORTANT)
[0.9.169-3.0.1]
- replace logo pcsd/public/favicon.ico in tarball
- remove Source1 HAM-logo.png
[0.9.169-3.el7_3.2]
- Update rubygem rack
- Upgrade jquery in web-ui
- Resolves: rhbz#2099578 rhbz#2093232
[0.9.169-3.el7_3.1]
- Explicitly close libcurl connections to prevent stalled TCP connections in CLOSE-WAIT state
- Added support for loading DH keys from a file
- Resolves: rhbz#1870551 rhbz#1888479
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
pcs
0.9.169-3.0.1.el7_9.3
pcs-snmp
0.9.169-3.0.1.el7_9.3
Oracle Linux x86_64
pcs
0.9.169-3.0.1.el7_9.3
pcs-snmp
0.9.169-3.0.1.el7_9.3
Связанные CVE
Связанные уязвимости
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 a ...
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.