Oval Definition:oval:com.redhat.rhsa:def:20191278
Revision Date:2019-05-27Version:635
Title:RHSA-2019:1278: pacemaker security update (Important)
Description:The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures.

Security Fix(es):

  • pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)

  • pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)

  • pacemaker: Information disclosure through use-after-free (CVE-2019-3885)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2018-16877
    CVE-2018-16878
    CVE-2019-3885
    RHSA-2019:1278
    RHSA-2019:1278-01
    Platform(s):Red Hat Enterprise Linux 7
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • pacemaker is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker is signed with Red Hat redhatrelease2 key
  • pacemaker-cli is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-cli is signed with Red Hat redhatrelease2 key
  • pacemaker-cluster-libs is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
  • pacemaker-cts is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-cts is signed with Red Hat redhatrelease2 key
  • pacemaker-doc is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-doc is signed with Red Hat redhatrelease2 key
  • pacemaker-libs is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-libs is signed with Red Hat redhatrelease2 key
  • pacemaker-libs-devel is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
  • pacemaker-nagios-plugins-metadata is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
  • pacemaker-remote is earlier than 0:1.1.19-8.el7_6.5
  • AND pacemaker-remote is signed with Red Hat redhatrelease2 key
  • BACK