Lucene search

K
suseSuseOPENSUSE-SU-2016:2965-1
HistoryDec 01, 2016 - 6:13 p.m.

Security update for pacemaker (important)

2016-12-0118:13:18
lists.opensuse.org
19

0.023 Low

EPSS

Percentile

89.7%

This update for pacemaker fixes the following issues:

Security issues fixed:

  • CVE-2016-7797: Notify other clients of a new connection only if the
    handshake has completed (bsc#967388, bsc#1002767).
  • CVE-2016-7035: Fixed improper IPC guarding in pacemaker (bsc#1007433).

Bug fixes:

  • bsc#1003565: crmd: Record pending operations in the CIB before they are
    performed
  • bsc#1000743: pengine: Do not fence a maintenance node if it shuts down
    cleanly
  • bsc#987348: ping: Avoid temporary files for fping check
  • bsc#986644: libcrmcommon: report errors consistently when waiting for
    data on connection
  • bsc#986644: remote: Correctly calculate the remaining timeouts when
    receiving messages

This update was imported from the SUSE:SLE-12-SP2:Update update project.