ELSA-2018-1060
- ULN >
- Oracle Linux Errata repository >
- ELSA-2018-1060
ELSA-2018-1060 - pcs security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2018-04-30 |
Description
[0.9.162-5.0.3.el7_5.1]
- Unlike RHEL we DO have corosync/pacemaker for aarch64 on EL7
- replace logo pcsd/public/favicon.ico in tarball
- remove Source1 HAM-logo.png
[0.9.162-5.el7_5.1]
- Fixed CVE-2018-1086 pcs: Debug parameter removal bypass, allowing information disclosure
- Fixed CVE-2018-1079 pcs: Privilege escalation via authorized user malicious REST call
- Fixed CVE-2018-1000119 rack-protection: Timing attack in authenticity_token.rb
- Resolves: rhbz#1557253
Related CVEs
| CVE-2018-1000119 |
| CVE-2018-1086 |
| CVE-2018-1079 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | pcs-0.9.162-5.0.3.el7_5.1.src.rpm | 7a0a928af5bd7bc453083f490e6f56493c3c39ed14c62b44dff46a872f832518 | ELSA-2022-7343 | ol7_x86_64_latest |
| pcs-0.9.162-5.0.3.el7_5.1.src.rpm | 7a0a928af5bd7bc453083f490e6f56493c3c39ed14c62b44dff46a872f832518 | ELSA-2022-7343 | ol7_x86_64_u5_patch | |
| pcs-0.9.162-5.0.3.el7_5.1.x86_64.rpm | d3f72ba473e327d94f5bc5cdd01cb60de1a7b8fe1929b47b5cee75d35fe79c65 | ELSA-2022-7343 | ol7_x86_64_latest | |
| pcs-0.9.162-5.0.3.el7_5.1.x86_64.rpm | d3f72ba473e327d94f5bc5cdd01cb60de1a7b8fe1929b47b5cee75d35fe79c65 | ELSA-2022-7343 | ol7_x86_64_u5_patch | |
| pcs-snmp-0.9.162-5.0.3.el7_5.1.x86_64.rpm | 403ff56c26c0ae086f7c4a1b61dfd01d58ceb945bb2c04772db15b15ad0679d8 | ELSA-2022-7343 | ol7_x86_64_latest | |
| pcs-snmp-0.9.162-5.0.3.el7_5.1.x86_64.rpm | 403ff56c26c0ae086f7c4a1b61dfd01d58ceb945bb2c04772db15b15ad0679d8 | ELSA-2022-7343 | ol7_x86_64_u5_patch | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
