This update for keepalived to version 2.0.10 fixes the following issues:
Security issues fixed (bsc#1015141):
- CVE-2018-19044: Fixed a check for pathnames with symlinks when writing
data to a temporary file upon a call to PrintData or PrintStats
- CVE-2018-19045: Fixed mode when creating new temporary files upon a call
to PrintData or PrintStats
- CVE-2018-19046: Fixed a check for existing plain files when writing data
to a temporary file upon a call to PrintData or PrintStats
Non-security issues fixed:
- Replace references to /var/adm/fillup-templates with new %_fillupdir
macro (boo#1069468)
- Use getaddrinfo instead of gethostbyname to workaround glibc
gethostbyname function buffer overflow (bsc#949238)
For the full list of changes refer to:
<a href=“http://www.keepalived.org/changelog.html”>http://www.keepalived.org/changelog.html</a>