ALSA-2024:2113

[ALSA-2024:2113] Moderate: pcs security update

Type:

security

Severity:

moderate

Release date:

2024-05-07

Description:

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

* rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing (CVE-2024-25126)
* rubygem-rack: Possible DoS Vulnerability with Range Header in Rack (CVE-2024-26141)
* rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing (CVE-2024-26146)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	pcs-0.11.7-2.el9_4.aarch64.rpm	4ea9cd634e961335e4ea19e84289e96858fd113824259aecc5e65e2bdd7f97e5
aarch64	pcs-snmp-0.11.7-2.el9_4.aarch64.rpm	68a1cd8ffb7918bf7dc6328117e03b8223a7e61500231b058871bd9f9bdc60fb
ppc64le	pcs-0.11.7-2.el9_4.ppc64le.rpm	aa7a9e9b8904d4c28c010560a1dd34e9ac3c8cb19622ff82cb18b6585f48f375
ppc64le	pcs-snmp-0.11.7-2.el9_4.ppc64le.rpm	d29b9002ce7042923fae0b34af1709d9a3ee0ca4a803294db310655b9c990c88
s390x	pcs-0.11.7-2.el9_4.s390x.rpm	05fab9a397e3d8c8f2b1a5aa89d4cb7c7fb3c5762d5fcb101b8826cc9a39a520
s390x	pcs-snmp-0.11.7-2.el9_4.s390x.rpm	ce4966e4e8957588173579130c1e552b9b01b4bff18fadb9edfcc62908c3b0b0
x86_64	pcs-snmp-0.11.7-2.el9_4.x86_64.rpm	7aec6341b5930bbb45727b7137ae6cfa352dafbe1dc31093aa1b15312c4b5677
x86_64	pcs-0.11.7-2.el9_4.x86_64.rpm	aa0a80470ba28c1506c35d81da2ad9be31eec3a8322a590d926bfb23d38fa50f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.