Lucene search

CentOS ProjectCESA-2016:2578

HistoryNov 25, 2016 - 4:01 p.m.

pacemaker security update

2016-11-2516:01:25

CentOS Project

lists.centos.org

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.023 Low

EPSS

Percentile

89.7%

JSON

CentOS Errata and Security Advisory CESA-2016:2578

The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure.

The following packages have been upgraded to a newer upstream version: pacemaker (1.1.15). (BZ#1304771)

Security Fix(es):

It was found that the connection between a pacemaker cluster and a pacemaker_remote node could be shut down using a new unauthenticated connection. A remote attacker could use this flaw to cause a denial of service. (CVE-2016-7797)

Red Hat would like to thank Alain Moulle (ATOS/BULL) for reporting this issue.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2016-November/029912.html

Affected packages:
pacemaker
pacemaker-cli
pacemaker-cluster-libs
pacemaker-cts
pacemaker-doc
pacemaker-libs
pacemaker-libs-devel
pacemaker-nagios-plugins-metadata
pacemaker-remote

Upstream details at:
https://access.redhat.com/errata/RHSA-2016:2578

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64pacemaker< 1.1.15-11.el7pacemaker-1.1.15-11.el7.x86_64.rpm
CentOS7x86_64pacemaker-cli< 1.1.15-11.el7pacemaker-cli-1.1.15-11.el7.x86_64.rpm
CentOS7i686pacemaker-cluster-libs< 1.1.15-11.el7pacemaker-cluster-libs-1.1.15-11.el7.i686.rpm
CentOS7x86_64pacemaker-cluster-libs< 1.1.15-11.el7pacemaker-cluster-libs-1.1.15-11.el7.x86_64.rpm
CentOS7x86_64pacemaker-cts< 1.1.15-11.el7pacemaker-cts-1.1.15-11.el7.x86_64.rpm
CentOS7x86_64pacemaker-doc< 1.1.15-11.el7pacemaker-doc-1.1.15-11.el7.x86_64.rpm
CentOS7i686pacemaker-libs< 1.1.15-11.el7pacemaker-libs-1.1.15-11.el7.i686.rpm
CentOS7x86_64pacemaker-libs< 1.1.15-11.el7pacemaker-libs-1.1.15-11.el7.x86_64.rpm
CentOS7i686pacemaker-libs-devel< 1.1.15-11.el7pacemaker-libs-devel-1.1.15-11.el7.i686.rpm
CentOS7x86_64pacemaker-libs-devel< 1.1.15-11.el7pacemaker-libs-devel-1.1.15-11.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	7	x86_64	pacemaker	< 1.1.15-11.el7	pacemaker-1.1.15-11.el7.x86_64.rpm
CentOS	7	x86_64	pacemaker-cli	< 1.1.15-11.el7	pacemaker-cli-1.1.15-11.el7.x86_64.rpm
CentOS	7	i686	pacemaker-cluster-libs	< 1.1.15-11.el7	pacemaker-cluster-libs-1.1.15-11.el7.i686.rpm
CentOS	7	x86_64	pacemaker-cluster-libs	< 1.1.15-11.el7	pacemaker-cluster-libs-1.1.15-11.el7.x86_64.rpm
CentOS	7	x86_64	pacemaker-cts	< 1.1.15-11.el7	pacemaker-cts-1.1.15-11.el7.x86_64.rpm
CentOS	7	x86_64	pacemaker-doc	< 1.1.15-11.el7	pacemaker-doc-1.1.15-11.el7.x86_64.rpm
CentOS	7	i686	pacemaker-libs	< 1.1.15-11.el7	pacemaker-libs-1.1.15-11.el7.i686.rpm
CentOS	7	x86_64	pacemaker-libs	< 1.1.15-11.el7	pacemaker-libs-1.1.15-11.el7.x86_64.rpm
CentOS	7	i686	pacemaker-libs-devel	< 1.1.15-11.el7	pacemaker-libs-devel-1.1.15-11.el7.i686.rpm
CentOS	7	x86_64	pacemaker-libs-devel	< 1.1.15-11.el7	pacemaker-libs-devel-1.1.15-11.el7.x86_64.rpm