fence security update

CentOS Errata and Security Advisory CESA-2019:2037

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.

Security Fix(es):

• fence-agents: mis-handling of non-ASCII characters in guest comment fields (CVE-2019-10153)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2019-August/032136.html

Affected packages:
fence-agents-aliyun
fence-agents-all
fence-agents-amt-ws
fence-agents-apc
fence-agents-apc-snmp
fence-agents-aws
fence-agents-azure-arm
fence-agents-bladecenter
fence-agents-brocade
fence-agents-cisco-mds
fence-agents-cisco-ucs
fence-agents-common
fence-agents-compute
fence-agents-drac5
fence-agents-eaton-snmp
fence-agents-emerson
fence-agents-eps
fence-agents-gce
fence-agents-heuristics-ping
fence-agents-hpblade
fence-agents-ibmblade
fence-agents-ifmib
fence-agents-ilo-moonshot
fence-agents-ilo-mp
fence-agents-ilo-ssh
fence-agents-ilo2
fence-agents-intelmodular
fence-agents-ipdu
fence-agents-ipmilan
fence-agents-kdump
fence-agents-mpath
fence-agents-redfish
fence-agents-rhevm
fence-agents-rsa
fence-agents-rsb
fence-agents-sbd
fence-agents-scsi
fence-agents-virsh
fence-agents-vmware-rest
fence-agents-vmware-soap
fence-agents-wti

Upstream details at:
https://access.redhat.com/errata/RHSA-2019:2037