Oval Definition:oval:com.redhat.rhsa:def:20181169
Revision Date:2018-04-17Version:636
Title:RHSA-2018:1169: corosync security update (Important)
Description:The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software.

Security Fix(es):

  • corosync: Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function (CVE-2018-1084)

    For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

    Red Hat would like to thank Citrix Security Response Team for reporting this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2018-1084
    RHSA-2018:1169
    RHSA-2018:1169-00
    RHSA-2018:1169-01
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • corosync is earlier than 0:2.4.3-2.el7_5.1
  • AND corosync is signed with Red Hat redhatrelease2 key
  • corosync-qdevice is earlier than 0:2.4.3-2.el7_5.1
  • AND corosync-qdevice is signed with Red Hat redhatrelease2 key
  • corosync-qnetd is earlier than 0:2.4.3-2.el7_5.1
  • AND corosync-qnetd is signed with Red Hat redhatrelease2 key
  • corosynclib is earlier than 0:2.4.3-2.el7_5.1
  • AND corosynclib is signed with Red Hat redhatrelease2 key
  • corosynclib-devel is earlier than 0:2.4.3-2.el7_5.1
  • AND corosynclib-devel is signed with Red Hat redhatrelease2 key
    • BACK