Moderate: Red Hat Security Advisory: pacemaker security update

An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

pacemaker: ACL restrictions bypass

An ACL bypass flaw was found in Pacemaker. This flaw allows an attacker with a local account on the cluster and in the haclient group to use IPC communication with various daemons to directly perform certain tasks that would be prevented if they had gone through configured ACLs. The highest threa...

Moderate: Red Hat Security Advisory: pacemaker security update

An update for pacemaker is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Scientific Linux Security Update : pacemaker on SL7.x i686/x86_64 (2020:5453)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2020:5453-1 advisory. - pacemaker: ACL restrictions bypass CVE-2020-25654 Note that Nessus has not tested for this issue but has instead relied only on the application's...

RHEL 8 : pacemaker (RHSA-2020:5423)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5423 advisory. The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in th...

Fedora 32 : pacemaker (2020-2cbe0089e2)

Wed Nov 18 2020 Klaus Wenninger - 2.0.5-0.7.rc3 - a little more syncing with upstream spec-file - Tue Nov 17 2020 Klaus Wenninger - 2.0.5-0.6.rc3 - Update for new upstream tarball for release candidate: Pacemaker-2.0.5-rc3 for full details, see included ChangeLog file or...

Fedora 33 : pacemaker (2020-3d0e38b9e7)

Wed Nov 18 2020 Klaus Wenninger - 2.0.5-0.7.rc3 - a little more syncing with upstream spec-file Tue Nov 17 2020 Klaus Wenninger - 2.0.5-0.6.rc3 - Update for new upstream tarball for release candidate: Pacemaker-2.0.5-rc3 for full details, see included ChangeLog file or...

[SECURITY] Fedora 33 Update: pacemaker-2.0.5-0.7.rc3.fc33

Pacemaker is an advanced, scalable High-Availability cluster resource manager. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when related resources fail and can be...

[SECURITY] Fedora 32 Update: pacemaker-2.0.5-0.7.rc3.fc32

Pacemaker is an advanced, scalable High-Availability cluster resource manager. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when related resources fail and can be...

Fedora: Security Advisory for pacemaker (FEDORA-2020-2cbe0089e2)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for pacemaker (FEDORA-2020-3d0e38b9e7)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...

CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...

DEBIAN-CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...

Design/Logic Flaw

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...

CVE-2020-25654

CVE-2020-25654 affects Pacemaker: an ACL bypass flaw where a local attacker in the haclient group can use IPC to communicate with various daemons and perform tasks disallowed by ACLs. Documented impact includes potential bypass of ACL restrictions via IPC instead of configuration. Multiple adviso...

CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...

CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...

resource security update

CentOS Errata and Security Advisory CESA-2020:5004 An update for resource-agents is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

[SECURITY] [DLA 2447-2] pacemaker regression update

Debian LTS Advisory DLA-2447-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 17, 2020 https://wiki.debian.org/LTS Package : pacemaker Version : 1.1.16-1+deb9u2 Debian Bug : 974563 The update of pacemaker released as DLA-2447-1 caused a regression when t...