21 matches found
RHSA-2026:2484 Red Hat Security Advisory: pcs security update
Bulletin has no description...
RHSA-2026:2465 Red Hat Security Advisory: pcs security update
Bulletin has no description...
OESA-2025-1905 pcs security update
pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters. Security Fixes: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a...
booth security update
An update is available for booth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Booth cluster ticket manager is a component to bridge high availability...
booth security update
An update is available for booth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Booth cluster ticket manager is a component to bridge high availability...
Important: Red Hat Security Advisory: booth security update
An update for booth is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...
RHEL 8 : booth (RHSA-2024:3657)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3657 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...
USN-6711-1: CRM shell vulnerability
Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline...
SUSE CVE-2022-2735
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw...
pcs: obtaining an authentication token for hacluster user could lead to privilege escalation
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw...
Moderate: Red Hat Security Advisory: booth security update
An update for booth is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
sos bug fix and enhancement update
The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sos collect fails to get node list from a pacemaker cluster BZ2071695 Tracke...
ALBA-2022:4744 sos bug fix and enhancement update
The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sos collect fails to get node list from a pacemaker cluster BZ2071695 Tracke...
sos bug fix and enhancement update
An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...
CVE-2010-2496
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer...
Moderate: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 6 : pacemaker (RHSA-2016:2675)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2675 advisory. The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain...
pacemaker: pacemaker remote nodes vulnerable to hijacking, resulting in a DoS attack
It was found that the connection between a pacemaker cluster and a pacemakerremote node could be shut down using a new unauthenticated connection. A remote attacker could use this flaw to cause a denial of service...