ELSA-2023-12595

ELSA-2023-12595 - pcs security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2023-07-20

Description


[0.11.4-7]
- Fix displaying differences between configuration checkpoints in "pcs config checkpoint diff" command
- Fix "pcs stonith update-scsi-devices" command which was broken since Pacemaker-2.1.5-rc1
- Fixed loading of cluster status in the web interface when fencing levels are configured
- Fixed a vulnerability in pcs-web-ui-node-modules
- Updated bundled rubygem rack
- Resolves: rhbz#2179901 rhbz#2180697 rhbz#2180704 rhbz#2180708 rhbz#2180978 rhbz#2183180

[0.11.4-6]
- Fixed broken filtering in create resource/fence device wizards in the web interface
- Added BuildRequires: pam - needed for tier0 tests during build
- Resolves: rhbz#2167471

[0.11.4-5]
- Fixed enabling/disabling sbd when cluster is not running
- Resolves: rhbz#2166249

[0.11.4-4]
- Rebuilt with fixed patches
- Resolves: rhbz#2158790 rhbz#2159454

[0.11.4-3]
- Allow time values in stonith-watchdog-time property
- Resource/stonith agent self-validation of instance attributes is now disabled by default, as many agents do not work with it properly.
- Updated bundled rubygems: rack, rack-protection, sinatra
- Added license for ruby2_keywords
- Resolves: rhbz#2158790 rhbz#2159454

[0.11.4-2]
- Fixed stopping of pcsd service using systemctl stop pcsd command
- Fixed smoke test execution during gating
- Added warning when omitting validation of misconfigured resource
- Fixed displaying of bool and integer values in pcs resource config command
- Updated bundled rubygems: ethon, rack-protection, sinatra
- Resolves: rhbz#2148124 rhbz#2151164 rhbz#2151524

[0.11.4-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Resolves: rhbz#1620043 rhbz#2019464 rhbz#2099653 rhbz#2109633 rhbz#2112293 rhbz#2116295 rhbz#2117600 rhbz#2117601

[0.11.3-5]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Added bundled rubygem: childprocess
- Removed bundled rubygem: open4
- Updated bundled rubygems: mustermann, rack, rack-protection, rack-test, sinatra, tilt
- Resolves: rhbz#1493416 rhbz#1796827 rhbz#2059147 rhbz#2092950 rhbz#2112079 rhbz#2112270 rhbz#2112293 rhbz#2117599 rhbz#2117601


Related CVEs


CVE-2023-27530
CVE-2023-27539
CVE-2023-2319

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 9 (aarch64) pcs-0.11.4-7.el9_2.src.rpm8ba10c98edbd439652a9240ee13bc22b-
pcs-0.11.4-7.el9_2.aarch64.rpm8063a4991ce672f1ed6876a10bc1cc74-
pcs-snmp-0.11.4-7.el9_2.aarch64.rpm993f42da0fc3fa64625938148f856b2c-
Oracle Linux 9 (x86_64) pcs-0.11.4-7.el9_2.src.rpm8ba10c98edbd439652a9240ee13bc22b-
pcs-0.11.4-7.el9_2.x86_64.rpm0f303b51db3f6cbc9900a3a978c0feec-
pcs-snmp-0.11.4-7.el9_2.x86_64.rpm0834345f76b052a08ad417e6b5a4612a-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete