[ALSA-2023:2652] Important: pcs security and bug fix update
Release date:
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * pcs: webpack: Regression of CVE-2023-28154 fixes in the AlmaLinux (CVE-2023-2319) * rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530) * rubygem-rack: denial of service in header parsing (CVE-2023-27539) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Command 'pcs config checkpoint diff' does not show configuration differences between checkpoints (BZ#2180697) * Need a way to add a scsi fencing device to a cluster without requiring a restart of all cluster resources (BZ#2180704) * [WebUI] fence levels prevent loading of cluster status (BZ#2183180)
Updated packages listed below:
Architecture Package Checksum
aarch64 pcs-snmp-0.11.4-7.el9_2.aarch64.rpm 752b418fead18c891fcd70e11fd272f0133743c3e07443445b19712cde7fd174
aarch64 pcs-0.11.4-7.el9_2.aarch64.rpm b76f1fd2c78f7411cf70da4a8445e4dfdafe6e3a8ff442f15e832e1101e742aa
ppc64le pcs-snmp-0.11.4-7.el9_2.ppc64le.rpm 4a34a5c7362a0cf6312570c2ce689a8c53d1da659af7cb044684d24007919428
ppc64le pcs-0.11.4-7.el9_2.ppc64le.rpm e53cff54b0165d27c57618e1eaa1d742765f9dd7261349270e5174277e4086c8
s390x pcs-0.11.4-7.el9_2.s390x.rpm 3f23ad2d53078bf0db324df4c142a8cf0e61e975ea344898431e455ad219f963
s390x pcs-snmp-0.11.4-7.el9_2.s390x.rpm e909b66e2717478ee6249830cac935a27be7a68ab6c88e4a2db1d441c1e9eabb
x86_64 pcs-snmp-0.11.4-7.el9_2.x86_64.rpm 6ef9a5fa4ea1d4a5846854257e32b049e58c2c09fa59fae66acda3b73b2e9fbf
x86_64 pcs-0.11.4-7.el9_2.x86_64.rpm e5721798376dead763c4c633dcf5973b86ff4a0d45b1ee6fa525d8456467dc71
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.