It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2.
CPE | Name | Operator | Version |
---|---|---|---|
pcs | eq | 0.11.4-6.el9 | |
enterprise_linux_high_availability | eq | 9.0 | |
enterprise_linux_high_availability_eus | eq | 9.2 |