Oval Definition:	oval:com.redhat.rhsa:def:20162675
Revision Date: 2016-11-08 Version: 635 Title: RHSA-2016:2675: pacemaker security update (Important) Description: The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix(es): An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan "poki" Pokorny (Red Hat) and Alain Moulle (ATOS/BULL). Family: unix Class: patch Status: Reference(s): CVE-2016-7035 RHSA-2016:2675 RHSA-2016:2675-00 RHSA-2016:2675-01 RHSA-2016:2675-01 Platform(s): Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 6 is installed AND pacemaker is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker is signed with Red Hat redhatrelease2 key pacemaker-cli is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-cli is signed with Red Hat redhatrelease2 key pacemaker-cluster-libs is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key pacemaker-cts is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-cts is signed with Red Hat redhatrelease2 key pacemaker-doc is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-doc is signed with Red Hat redhatrelease2 key pacemaker-libs is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-libs is signed with Red Hat redhatrelease2 key pacemaker-libs-devel is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-libs-devel is signed with Red Hat redhatrelease2 key pacemaker-remote is earlier than 0:1.1.14-8.el6_8.2 AND pacemaker-remote is signed with Red Hat redhatrelease2 key
BACK