OVAL Reference oval:org.opensuse.security:def:96158

Oval Definition:

oval:org.opensuse.security:def:96158

Revision Date:	2020-10-27	Version:	1
Title:	Security update for pacemaker (Important)
Description:	This update for pacemaker fixes the following issues: Update to 2.0.4: - based: use crm_exit to free qb-logging - cibsecret: don't use pssh -q option unless supported - crm_error: use g_free for a proper match - crm_mon: NULL output-pointer when buffer is freed - crm_resource: avoid unnecessary issus with dynamic allocation - crm_ticket: avoid unnecessary issues with dynamic allocation - executor: restrict certain IPC requests to Pacemaker daemons (CVE-2020-25654, bsc#1177916) - fencer: avoid infinite loop if device is removed during operation - fencer: restrict certain IPC requests to privileged users (CVE-2020-25654, bsc#1177916) - libcrmcommon: free basename after setting prgname - libcrmcommon: return ENOMEM directly instead of errno - libpe_status: Modify filtering of inactive resources. - libreplace: closedir when bailing out dir traversal - move bcond_with/without up front for e.g. pcmk_release - pacemakerd: ignore shutdown requests from unprivileged users (CVE-2020-25654, bsc#1177916) - resources: attribute name parameter doesn't have to be unique - rpm: add spec option for enabling CIB secrets - rpm: put user-configurable items at top of spec - rpm: use the user/group ID 90 for haclient/hacluster to be consistent with cluster-glue (bsc#1167171) - scheduler: Add the node name back to bundle instances. - silence some false positives static analysis stumbled over - tools: check resource separately from managing parameter in cibsecret - tools: free IPC memory after closing connection - tools: improve cibsecret help - tools: verify newly created CIB connection is not NULL
Family:	unix	Class:	patch
Status:		Reference(s):	1167171 1173668 1175557 1177916 CVE-2020-25654 SUSE-SU-2020:3054-1
Platform(s):	SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1	Product(s):
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP2 is installed AND Package Information libpacemaker-devel-2.0.4+20200616.2deceaa3a-3.3.1 is installed OR libpacemaker3-2.0.4+20200616.2deceaa3a-3.3.1 is installed OR pacemaker-2.0.4+20200616.2deceaa3a-3.3.1 is installed OR pacemaker-cli-2.0.4+20200616.2deceaa3a-3.3.1 is installed OR pacemaker-cts-2.0.4+20200616.2deceaa3a-3.3.1 is installed OR pacemaker-remote-2.0.4+20200616.2deceaa3a-3.3.1 is installed

BACK