Lucene search

K
suseSuseSUSE-SU-2018:1130-1
HistoryMay 02, 2018 - 9:10 p.m.

Security update for corosync (important)

2018-05-0221:10:07
lists.opensuse.org
20

EPSS

0.036

Percentile

91.7%

This update for corosync provides the following fixes:

  • CVE-2018-1084: Integer overflow in totemcrypto:authenticate_nss_2_3()
    could lead to command execution (bsc#1089346)
  • Providing an empty uid or gid results in coroparse adding uid 0.
    (bsc#1066585)
  • Fix a problem that was causing corosync memory to increase on ring
    breakup. (bsc#1083030)
  • Fix a problem with configuration file incompatibilities that was causing
    corosync to not work after upgrading from SLE-11-SP4-HA to SLE-12/15-HA.
    (bsc#1083561)