Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:1809-1

Опубликовано: 10 июл. 2019
Источник: suse-cvrf

Описание

Security update for fence-agents

This update for fence-agents version 4.4.0 fixes the following issues:

Security issue fixed:

  • CVE-2019-10153: Fixed a denial of service via guest VM comments (bsc#1137314).

Non-security issue fixed:

  • Added aliyun fence agent (bsc#1139913).

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-Azure-SAP-On-Demand
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-EC2-SAP-BYOS
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-EC2-SAP-On-Demand
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-GCE-SAP-BYOS
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-GCE-SAP-On-Demand
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
SUSE Linux Enterprise High Availability Extension 12 SP4
fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1

Ссылки

Описание

A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-Azure-SAP-On-Demand:fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-EC2-SAP-BYOS:fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Image SLES12-SP5-EC2-SAP-On-Demand:fence-agents-4.4.0+git.1558595666.5f79f9e9-3.5.1
Ссылки