| Revision Date: | 2019-04-26 | Version: | 1 |
| Title: | Security update for pacemaker (Important) |
| Description: |
This update for pacemaker fixes the following issues:
Security issues fixed:
- CVE-2019-3885: Fixed an information disclosure in log output. (bsc#1131357) - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. (bsc#1131356) - CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference of uncontrolled processes. (bsc#1131353)
Non-security issue fixed:
- scheduler: Respect the order of constraints when relevant resources are being probed. (bsc#1117934, bsc#1128374)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1117381
1117934
1128374
1128772
1131353
1131356
1131357
CVE-2018-16877
CVE-2018-16878
CVE-2019-3885
SUSE-SU-2019:1047-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP4
| Product(s): | |
| Definition Synopsis |
| Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed
OR SUSE Linux Enterprise Server 12 SP4 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
AND Package Information
libpacemaker-devel-1.1.19+20181105.ccd6b5b10-3.10.1 is installed
OR pacemaker-cts-1.1.19+20181105.ccd6b5b10-3.10.1 is installed
|