logo
DATABASE RESOURCES PRICING ABOUT US

Security update for pacemaker (important)

Description

An update that solves three vulnerabilities and has one errata is now available. Description: This update for pacemaker fixes the following issues: Security issues fixed: - CVE-2019-3885: Fixed an information disclosure in log output. (bsc#1131357) - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. (bsc#1131356) - CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference of uncontrolled processes. (bsc#1131353) Non-security issue fixed: - crmd: delete resource from lrmd when appropriate to avoid timeouts with crmsh (bsc#1117381). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1400=1


Affected Package


OS OS Version Package Name Package Version
openSUSE Leap 15.0 - openSUSE Leap 15.0 (i586 x86_64):
openSUSE Leap 15.0 - openSUSE Leap 15.0 (i586 x86_64):
openSUSE Leap 15.0 - openSUSE Leap 15.0 (noarch):

Related