Description:
The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment.
Security Fix(es):
* urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion (CVE-2025-66418)
* urllib3: urllib3 Streaming API improperly handles highly compressed data (CVE-2025-66471)
* urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) (CVE-2026-21441)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| ppc64le |
resource-agents-paf-4.9.0-54.el8_10.27.ppc64le.rpm |
d8da07827a9a5cc01b79f691a8d027d476dcff5b5056aeda8ea2d73997ac2224 |
| ppc64le |
resource-agents-4.9.0-54.el8_10.27.ppc64le.rpm |
f7a03737957ef8aed6314bcb216d54f230cb0e10246673f983be7e70aff90258 |
| s390x |
resource-agents-4.9.0-54.el8_10.27.s390x.rpm |
2519338098570d90827157ce0322df4406fa2a939cb6040d1bde7dda6be57a99 |
| s390x |
resource-agents-paf-4.9.0-54.el8_10.27.s390x.rpm |
e090d1bb8a50643c62a5405ca05da2a3d9bd1d841f20c7f9ab41500d7bad0fa6 |
| x86_64 |
resource-agents-gcp-4.9.0-54.el8_10.27.x86_64.rpm |
4e3b79ddd2f94f336e70adbc3f16f82d7fffa1b7b3ae47bee22dc11c3599fe00 |
| x86_64 |
resource-agents-aliyun-4.9.0-54.el8_10.27.x86_64.rpm |
c0bd9dbc9b68259109503ef64767c2383c99d71dda0e008981a481edc51a4762 |
| x86_64 |
resource-agents-paf-4.9.0-54.el8_10.27.x86_64.rpm |
c21c51e4732039ac600631caa3b2c0e62f07cc47b6944ec1f4dc77de8b6dbbf0 |
| x86_64 |
resource-agents-4.9.0-54.el8_10.27.x86_64.rpm |
e48bef6b7239eb01919a830cd05e2fe50f9d7f3f658c3801fbd7dec584d66ce4 |
