ELSA-2024-2953

ELSA-2024-2953 - pcs security update

Type: SECURITY
Severity: MODERATE
Release Date: 2024-05-23

Description


[0.10.18-2.0.1]
- Replace HAM-logo.png with a generic one

[0.10.18-2]
- Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack
Resolves: RHEL-26445, RHEL-26447, RHEL-26449

[0.10.18-1]
- Rebased to the latest sources (see CHANGELOG.md)
Resolves: RHEL-7741

[0.10.17-6]
- Rebased to the latest upstream sources (see CHANGELOG.md)
- Remove the preview of the new pcs web interface
Resolves: RHEL-17280

[0.10.17-5]
- Rebased to the latest upstream sources (see CHANGELOG.md)
Resolves: RHEL-7584, RHEL-7668, RHEL-7729, RHEL-7731, RHEL-7732, RHEL-7741, RHEL-7742, RHEL-7743, RHEL-7745, RHEL-8467
- Tightened permissions of bundled rubygems to be 755 or stricter
Resolves: RHEL-7715

[0.10.17-4]
- No changes, fixed an error in the new quality control process
- Resolves: RHEL-15218

[0.10.17-3]
- No changes, testing a new quality control process
- Resolves: RHEL-15218

[0.10.17-2]
- Make use of filters when extracting tarballs to enhance security if provided by Python (pcs config restore command)
- Do not display duplicate records in commands pcs property [config] --all and pcs property describe
- Resolves: rhbz#2218841 rhbz#2219388

[0.10.17-1]
- Rebased to the latest upstream sources (see CHANGELOG.md)
- Updated bundled rubygems: tilt, puma
- Resolves: rhbz#2112259 rhbz#2163439 rhbz#2166289

[0.10.16-1]
- Rebased to the latest upstream sources (see CHANGELOG.md)
- Updated bundled dependencies: dacite
- Added bundled rubygems: nio4r, puma
- Removed bundled rubygems: daemons, eventmachine, thin
- Updated bundled rubygems: backports, rack, rack-test, tilt
- Resolves: rhbz#1957591 rhbz#2022748 rhbz#2160555 rhbz#2163439 rhbz#2166289 rhbz#2166294 rhbz#2176490 rhbz#2178700 rhbz#2178707 rhbz#2179010 rhbz#2180378 rhbz#2189958

[0.10.15-4]
- Fixed enabling/disabling sbd when cluster is not running
- Added BuildRequires: pam - needed for tier0 tests during build
- Resolves: rhbz#2166243

[0.10.15-3]
- Allow time values in stonith-watchdog-time property
- Resource/stonith agent self-validation of instance attributes is now disabled by default, as many agents do not work with it properly
- Updated bundled rubygems: rack, rack-protection, sinatra
- Added license for ruby2_keywords
- Resolves: rhbz#2158804 rhbz#2159455

[0.10.15-2]
- Added warning when omitting validation of misconfigured resource
- Fixed displaying of bool and integer values in pcs resource config command
- Updated bundled rubygems: ethon, json, rack-protection, sinatra
- Resolves: rhbz#2151166 rhbz#2151511

[0.10.15-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated Python bundled dependency dateutil
- Resolves: rhbz#2112002 rhbz#2112263 rhbz#2112291 rhbz#2132582

[0.10.14-6]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated rubygem bundled packages: mustermann, rack, rack-protection, rack-test, sinatra, tilt
- Resolves: rhbz#1816852 rhbz#1918527 rhbz#2112267 rhbz#2112291

[0.10.14-4]
- Fixed enable sbd from webui
- Resolves: rhbz#2117650

[0.10.14-3]
- Fixed pcs quorum device remove
- Resolves: rhbz#2115326

[0.10.14-2]
- Fixed booth ticket mode value case insensitive
- Fixed booth sync check whether /etc/booth exists
- Resolves: rhbz#1786964 rhbz#1791670

[0.10.14-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated bundled rubygems: rack
- Resolves: rhbz#2059500 rhbz#2096787 rhbz#2097383 rhbz#2097391 rhbz#2097392 rhbz#2097393

[0.10.13-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Updated bundled rubygems: backports, daemons, ethon, ffi, json, ruby2_keywords, thin
- Resolves: rhbz#1730232 rhbz#1786964 rhbz#1791661 rhbz#1791670 rhbz#1874624 rhbz#1909904 rhbz#1950551 rhbz#1954099 rhbz#2019894 rhbz#2023845 rhbz#2059500 rhbz#2064805 rhbz#2068456

[0.10.12-7]
- Updated bundled rubygems: sinatra, rack-protection
- Resolves: rhbz#2081332

[0.10.12-6]
- Fixed processing agents not conforming to OCF schema
- Resolves: rhbz#2050274

[0.10.12-5]
- Fixed snmp client
- Resolves: rhbz#2047983

[0.10.12-4]
- Fixed cluster destroy in web ui
- Fixed covscan issue in web ui
- Resolves: rhbz#1970508

[0.10.12-3]
- Fixed 'pcs resource move --autodelete' command
- Fixed removing of unavailable fence-scsi storage device
- Fixed ocf validation of ocf linbit drbd agent
- Fixed creating empty cib
- Updated pcs-web-ui
- Resolves: rhbz#1990784 rhbz#2022463 rhbz#2032997 rhbz#2036633

[0.10.12-2]
- Fixed rsc update cmd when unable to get agent metadata
- Fixed enabling corosync-qdevice
- Resolves: rhbz#1384485 rhbz#2028902

[0.10.12-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Resolves: rhbz#1552470 rhbz#1997011 rhbz#2017311 rhbz#2017312 rhbz#2024543 rhbz#2012128

[0.10.11-2]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Removed 'export PYTHONCOERCECLOCALE=0'
- Resolves: rhbz#1384485 rhbz#1936833 rhbz#1968088 rhbz#1990784 rhbz#2012128

[0.10.11-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Enabled wui patching
- Resolves: rhbz#1533090 rhbz#1970508 rhbz#1997011 rhbz#2003066 rhbz#2003068 rhbz#2012128

[0.10.10-2]
- Fixed create resources with depth operation attribute
- Resolves: rhbz#1998454

[0.10.10-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Resolves: rhbz#1885293 rhbz#1847102 rhbz#1935594

[0.10.9-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Resolves: rhbz#1432097 rhbz#1847102 rhbz#1935594 rhbz#1984901

[0.10.8-4]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Resolves: rhbz#1759995 rhbz#1872378 rhbz#1935594

[0.10.8-3]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Gating changes
- Resolves: rhbz#1678273 rhbz#1690419 rhbz#1750240 rhbz#1759995 rhbz#1872378 rhbz#1909901 rhbz#1935594

[0.10.8-2]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Resolves: rhbz#1285269 rhbz#1290830 rhbz#1720221 rhbz#1841019 rhbz#1854238 rhbz#1882291 rhbz#1885302 rhbz#1886342 rhbz#1896458 rhbz#1922996 rhbz#1927384 rhbz#1927394 rhbz#1930886 rhbz#1935594

[0.10.8-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Updated pcs-web-ui
- Updated python bundled dependencies: dacite, dataclasses
- Resolves: rhbz#1457314 rhbz#1619818 rhbz#1667066 rhbz#1762816 rhbz#1794062 rhbz#1845470 rhbz#1856397 rhbz#1877762 rhbz#1917286

[0.10.7-3]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Add BuildRequires: make
- Resolves: rhbz#1667061 rhbz#1667066 rhbz#1774143 rhbz#1885658

[0.10.7-2]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Changed BuildRequires from git to git-core
- Resolves: rhbz#1869399 rhbz#1885658 rhbz#1896379

[0.10.7-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Added python bundled dependency dateutil
- Fixed virtual bundle provides for ember, handlebars, jquery and jquery-ui
- Resolves: rhbz#1222691 rhbz#1741056 rhbz#1851335 rhbz#1862966 rhbz#1869399 rhbz#1873691 rhbz#1875301 rhbz#1883445 rhbz#1885658 rhbz#1885841

[0.10.6-4]
- Fixed invalid CIB error caused by resource and operation defaults with mixed and-or rules
- Updated pcs-web-ui
- Resolves: rhbz#1867516

[0.10.6-3]
- Added Upgrade CIB if user specifies on-fail=demote
- Fixed rpmdiff issue with binary stripping checker
- Fixed removing non-empty tag by removing tagged resource group or clone
- Resolves: rhbz#1843079 rhbz#1857295

[0.10.6-2]
- Added resource and operation defaults that apply to specific resource/operation types
- Added Requires/BuildRequires: python3-pyparsing
- Added Requires: logrotate
- Fixed resource and stonith documentation
- Fixed rubygem licenses
- Fixed update_times()
- Updated rubygem rack to version 2.2.3
- Removed BuildRequires execstack (it is not needed)
- Resolves: rhbz#1805082 rhbz#1817547

[0.10.6-1]
- Rebased to latest upstream sources (see CHANGELOG.md)
- Added python bundled dependencies: dacite, dataclasses
- Added new bundled rubygem ruby2_keywords
- Updated rubygem bundled packages: backports, ethon, ffi, json, mustermann, rack, rack_protection, rack_test, sinatra, tilt
- Updated pcs-web-ui
- Updated test run, only tier0 tests are running during build
- Removed BuildRequires needed for tier1 tests which were removed for build (pacemaker-cli, fence_agents-*, fence_virt, booth-site)
- Resolves: rhbz#1387358 rhbz#1684676 rhbz#1722970 rhbz#1778672 rhbz#1782553 rhbz#1790460 rhbz#1805082 rhbz#1810017 rhbz#1817547 rhbz#1830552 rhbz#1832973 rhbz#1833114 rhbz#1833506 rhbz#1838853 rhbz#1839637

[0.10.4-6]
- Fixed communication between python and ruby daemons
- Resolves: rhbz#1783106

[0.10.4-5]
- Fixed link to sbd man page from sbd enable doc
- Fixed safe-disabling clones, groups, bundles
- Fixed sinatra wrapper performance issue
- Fixed detecting fence history support
- Fixed cookie options
- Updated hint for 'resource create ... master'
- Updated gating tests execution, smoke tests run from upstream sources
- Resolves: rhbz#1750427 rhbz#1781303 rhbz#1783106 rhbz#1793574

[0.10.4-4]
- Fix testsuite for pacemaker-2.0.3-4
- Resolves: rhbz#1792946

[0.10.4-3]
- Added basic resource views in new webUI


Related CVEs


CVE-2024-26141
CVE-2024-25126
CVE-2024-26146

Updated Packages


| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 8 (aarch64) | pcs-0.10.18-2.0.1.el8_10.src.rpm | 2d718ed4c79176d611b4e44af3b14357 | - | ol8_aarch64_addons |
| | pcs-0.10.18-2.0.1.el8_10.aarch64.rpm | ddae3c1c8e36c1757a1d26e2ada5244a | - | ol8_aarch64_addons |
| | pcs-snmp-0.10.18-2.0.1.el8_10.aarch64.rpm | 857e9c3c5d034ee3adf6d6b6e20cd624 | - | ol8_aarch64_addons |
| Oracle Linux 8 (x86_64) | pcs-0.10.18-2.0.1.el8_10.src.rpm | 2d718ed4c79176d611b4e44af3b14357 | - | ol8_x86_64_addons |
| | pcs-0.10.18-2.0.1.el8_10.x86_64.rpm | c9fb5abd1b925046d0b8d6e3bc7be57e | - | ol8_x86_64_addons |
| | pcs-snmp-0.10.18-2.0.1.el8_10.x86_64.rpm | 8ddd576d87cfb26986fb6d6913d76e6e | - | ol8_x86_64_addons |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
