SUSE-SU-2020:3073-1

Описание

This update for pacemaker fixes the following issues:

• executor: restrict certain IPC requests to Pacemaker daemons (CVE-2020-25654, bsc#1177916)
• extra: add vim modelines to agents
• extra: quote shell variables in agent code where appropriate (bsc#1175557)
• extra: remove trailing whitespace from agent code
• extra: update agent boilerplate (copyright/license notices)
• extra: use 4-space indents in resource agent code
• extra: use ':=' where appropriate in agent code
• fencer: restrict certain IPC requests to privileged users (CVE-2020-25654, bsc#1177916)
• move bcond_with/without up front for e.g. pcmk_release
• pacemakerd: ignore shutdown requests from unprivileged users (CVE-2020-25654, bsc#1177916)
• rpm: add spec option for enabling CIB secrets
• rpm: put user-configurable items at top of spec
• rpm: use the user/group ID 90 for haclient/hacluster to be consistent with cluster-glue (bsc#1167171)