SCIENTIFIC-LINUX-ERRATA Archives

November 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Connie Sieh
Date: Tue, 8 Nov 2016 21:20:09 -0000

Synopsis:          Important: pacemaker security update
Advisory ID:       SLSA-2016:2675-1
Issue Date:        2016-11-08
CVE Numbers:       CVE-2016-7035
--

Security Fix(es):

* An authorization flaw was found in Pacemaker, where it did not properly
guard its IPC interface. An attacker with an unprivileged account on a
Pacemaker node could use this flaw to, for example, force the Local
Resource Manager daemon to execute a script as root and thereby gain root
access on the machine. (CVE-2016-7035)

This issue was discovered by Jan "poki" Pokorny (Red Hat) and Alain Moulle
(ATOS/BULL).
--

SL6
  x86_64
    pacemaker-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-cli-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-cluster-libs-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-cluster-libs-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-cts-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-debuginfo-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-debuginfo-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-doc-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-libs-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-libs-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-libs-devel-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-libs-devel-1.1.14-8.el6_8.2.x86_64.rpm
    pacemaker-remote-1.1.14-8.el6_8.2.x86_64.rpm
  i386
    pacemaker-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-cli-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-cluster-libs-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-cts-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-debuginfo-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-doc-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-libs-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-libs-devel-1.1.14-8.el6_8.2.i686.rpm
    pacemaker-remote-1.1.14-8.el6_8.2.i686.rpm

- Scientific Linux Development Team
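
To check a node against this advisory, the following added example (not part of the advisory or of any Scientific Linux tooling) flags installed pacemaker packages older than the fixed SL6 build 1.1.14-8.el6_8.2 listed above. It assumes input produced by `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE} %{ARCH}\n'`, ignores epochs, and uses a simplified RPM version comparison without tilde or caret handling; the sample lines are constructed.

```python
import re

# Fixed SL6 build, taken from the advisory's package list.
FIXED_VERSION, FIXED_RELEASE = "1.1.14", "8.el6_8.2"

def rpmvercmp(a, b):
    """Simplified rpmvercmp: -1, 0 or 1. No tilde/caret handling (assumption)."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)   # separators such as . and _ are ignored
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment beats an alphabetic one
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_fixed(version, release):
    """True if version-release is at or above the fixed build (epoch ignored)."""
    c = rpmvercmp(version, FIXED_VERSION)
    if c == 0:
        c = rpmvercmp(release, FIXED_RELEASE)
    return c >= 0

def unpatched(rpm_output):
    """Return (name, version-release, arch) for pacemaker packages older than the fix."""
    found = []
    for line in rpm_output.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].startswith("pacemaker"):
            continue
        name, vr, arch = parts
        version, _, release = vr.partition("-")   # RPM versions never contain "-"
        if not is_fixed(version, release):
            found.append((name, vr, arch))
    return found

# Constructed sample of rpm query output, for illustration only.
SAMPLE = """\
pacemaker 1.1.14-8.el6 x86_64
pacemaker-libs 1.1.14-8.el6_8.2 x86_64
pacemaker-cli 1.1.14-8.el6_8.1 x86_64
corosync 1.4.7-5.el6 x86_64
"""

if __name__ == "__main__":
    for pkg in unpatched(SAMPLE):
        print("needs update:", *pkg)
```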
