ELSA-2024-2113

ELSA-2024-2113 - pcs security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-02

Description

[0.11.7-2]
- Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack
Resolves: RHEL-26446, RHEL-26448, RHEL-26450

[0.11.7-1]
- Rebased to the latest sources (see CHANGELOG.md)
Resolves: RHEL-7740

[0.11.6-6]
- Rebased to the latest upstream sources (see CHANGELOG.md)
Resolves: RHEL-7582, RHEL-7583, RHEL-7669, RHEL-7672, RHEL-7697, RHEL-7698, RHEL-7700, RHEL-7703, RHEL-7719, RHEL-7725, RHEL-7730, RHEL-7738, RHEL-7739, RHEL-7740, RHEL-7744, RHEL-7746
- TLS cipher setting in pcsd now follows system-wide crypto policies by default
Resolves: RHEL-7724
- Tightened permissions of bundled rubygems to be 755 or stricter
Resolves: RHEL-7716

[0.11.6-5]
- No changes, fixing an error in a new quality control process
- Resolves: RHEL-15217

[0.11.6-4]
- No changes, testing a new quality control process
- Resolves: RHEL-15217

Related CVEs

CVE-2024-26146

CVE-2024-25126

CVE-2024-26141

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	pcs-0.11.7-2.el9_4.src.rpm	9fab33cef74d9045885d622106b8352e2e3107e4124351e9d4641985e9e86c84	-	ol9_aarch64_addons
	pcs-0.11.7-2.el9_4.aarch64.rpm	edda3bc7e4caa420695ad325dae529a149e73d3f75a9c50ec055e29814e91395	-	ol9_aarch64_addons
	pcs-snmp-0.11.7-2.el9_4.aarch64.rpm	698156ebb6083d08a1d030ffe4845f0683df4712ef173113de88158bd0b07ea5	-	ol9_aarch64_addons
Oracle Linux 9 (x86_64)	pcs-0.11.7-2.el9_4.src.rpm	9fab33cef74d9045885d622106b8352e2e3107e4124351e9d4641985e9e86c84	-	ol9_x86_64_addons
	pcs-0.11.7-2.el9_4.x86_64.rpm	ab61abf71015d6be625760e01bfc8b2c1de1a7d01f2940a9ecb24f26771c8266	-	ol9_x86_64_addons
	pcs-snmp-0.11.7-2.el9_4.x86_64.rpm	2473cddb91b38fe534d89322ba8039714c784facd401a111e5d28fc468f73f06	-	ol9_x86_64_addons

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team