[ALSA-2025:8254] Important: pcs security update
Type:
security
Severity:
important
Release date:
2026-04-09
Description:
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727) * tornado: Tornado Multipart Form-Data Denial of Service (CVE-2025-47287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
ppc64le pcs-snmp-0.10.18-2.el8_10.5.alma.1.ppc64le.rpm 21f7526f20b0b5077b94eaa7372c54e52c2e85443485778770fc2e41d51c1282
ppc64le pcs-0.10.18-2.el8_10.5.alma.1.ppc64le.rpm e4445b7daf55df565448613a1be610f4effcf1baca751bca6830054adfc7f161
s390x pcs-snmp-0.10.18-2.el8_10.5.alma.1.s390x.rpm 18c795ddfe0909a49d30f5b91430613d626899f2963e96a85d0e3dd40f0d6cf4
s390x pcs-0.10.18-2.el8_10.5.alma.1.s390x.rpm 8ed29dd3fb6bfd2b7ee14af09ccbc24fa5bb0ad714301a79e6585652344349fa
x86_64 pcs-0.10.18-2.el8_10.5.alma.1.x86_64.rpm 93c0fd7e95b63d22a41d9be879ff12bd901f50c1ae6056cdbaf14d9ec95065e7
x86_64 pcs-snmp-0.10.18-2.el8_10.5.alma.1.x86_64.rpm eac0d10512078833851323dc126b92dd8e5d314242533a4e2d25448b9440ec1f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.