Oval Definition:oval:com.redhat.rhsa:def:20162578
Revision Date:2016-11-03Version:641
Title:RHSA-2016:2578: pacemaker security, bug fix, and enhancement update (Moderate)
Description:The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure.

  • The following packages have been upgraded to a newer upstream version: pacemaker (1.1.15). (BZ#1304771)

    Security Fix(es):

  • It was found that the connection between a pacemaker cluster and a pacemaker_remote node could be shut down using a new unauthenticated connection. A remote attacker could use this flaw to cause a denial of service. (CVE-2016-7797)

    Red Hat would like to thank Alain Moulle (ATOS/BULL) for reporting this issue.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-7797
    RHSA-2016:2578
    RHSA-2016:2578-01
    RHSA-2016:2578-02
    RHSA-2016:2578-02
    Platform(s):Red Hat Enterprise Linux 7
    Red Hat Enterprise Linux 7 (please do not use for >= RHEL-7.5)
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • pacemaker is earlier than 0:1.1.15-11.el7
  • AND pacemaker is signed with Red Hat redhatrelease2 key
  • pacemaker-cli is earlier than 0:1.1.15-11.el7
  • AND pacemaker-cli is signed with Red Hat redhatrelease2 key
  • pacemaker-cluster-libs is earlier than 0:1.1.15-11.el7
  • AND pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
  • pacemaker-cts is earlier than 0:1.1.15-11.el7
  • AND pacemaker-cts is signed with Red Hat redhatrelease2 key
  • pacemaker-doc is earlier than 0:1.1.15-11.el7
  • AND pacemaker-doc is signed with Red Hat redhatrelease2 key
  • pacemaker-libs is earlier than 0:1.1.15-11.el7
  • AND pacemaker-libs is signed with Red Hat redhatrelease2 key
  • pacemaker-libs-devel is earlier than 0:1.1.15-11.el7
  • AND pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
  • pacemaker-nagios-plugins-metadata is earlier than 0:1.1.15-11.el7
  • AND pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
  • pacemaker-remote is earlier than 0:1.1.15-11.el7
  • AND pacemaker-remote is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND Package Information
  • pacemaker-cluster-libs is earlier than 0:1.1.15-11.el7
  • AND pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-cli is earlier than 0:1.1.15-11.el7
  • AND pacemaker-cli is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-nagios-plugins-metadata is earlier than 0:1.1.15-11.el7
  • AND pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-doc is earlier than 0:1.1.15-11.el7
  • AND pacemaker-doc is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-libs-devel is earlier than 0:1.1.15-11.el7
  • AND pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker is earlier than 0:1.1.15-11.el7
  • AND pacemaker is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-remote is earlier than 0:1.1.15-11.el7
  • AND pacemaker-remote is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-cts is earlier than 0:1.1.15-11.el7
  • AND pacemaker-cts is signed with Red Hat redhatrelease2 key
  • OR
  • pacemaker-libs is earlier than 0:1.1.15-11.el7
  • AND pacemaker-libs is signed with Red Hat redhatrelease2 key
    • BACK