ALSA-2025:0308

[ALSA-2025:0308] Important: fence-agents security update

Type:

security

Severity:

important

Release date:

2025-01-15

Description:

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.   

Security Fix(es):  

  * fence-agents: Jinja has a sandbox breakout through indirect reference to format method [almalinux-9.5.z] (CVE-2024-56326)
  * fence-agents: Jinja has a sandbox breakout through malicious filenames [almalinux-9.5.z] (CVE-2024-56201)

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	fence-agents-kubevirt-4.10.0-76.el9_5.4.alma.1.aarch64.rpm	c3139fefb93b6f751cbe1e3e4ad0c3e56bbe5ec177857cfae6202eb506f71147
noarch	fence-agents-common-4.10.0-76.el9_5.4.alma.1.noarch.rpm	55f869cd3725fd7d4c3e074266e3a5c5f2607df66964b9532e66b966a6d02933
noarch	fence-agents-ibm-powervs-4.10.0-76.el9_5.4.alma.1.noarch.rpm	69d8b3153192e1d7336a369dcb8317760b1e3f1f4d96b982a91aee420e1698ad
noarch	fence-agents-ibm-vpc-4.10.0-76.el9_5.4.alma.1.noarch.rpm	979642e28a5f5d597147c9497136ff0c49325cc5bb3069aa5a2b0b489a5f7482
noarch	fence-agents-virsh-4.10.0-76.el9_5.4.alma.1.noarch.rpm	9bdd4de968c776fd7ffd2d658d439af61f8d8e9b34807436cb9e18cfc2ee1cf4
ppc64le	fence-agents-kubevirt-4.10.0-76.el9_5.4.alma.1.ppc64le.rpm	381ec76f17d4e10fb6e556272efba03e021a45b318dbdfca511e3b32b5039936
ppc64le	fence-agents-compute-4.10.0-76.el9_5.4.alma.1.ppc64le.rpm	f430d3739cb713dd583bd1d525e02702cb106dd8aea964cd459bdffe183703ee
s390x	fence-agents-kubevirt-4.10.0-76.el9_5.4.alma.1.s390x.rpm	e7f559f96ea6ecefa44a0ef500d478de711212b7881cc230829382c30e973f2d
x86_64	fence-virtd-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	07bfb39a0c03ec9be2d87cc3defdb1eedd94e51011369979a4bf50e1bab02c9f
x86_64	fence-agents-kubevirt-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	0984dd4b605c93b29ea3c2a30269842539064b12edc3a3a3bde10d1fe1954557
x86_64	fence-virtd-cpg-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	169f0f8187d631e31e0ef68c270d1db00e9842de29258b6343c396d9f3ed748c
x86_64	fence-virtd-tcp-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	2caaada9adb8865a3c53fea3e3c23a291473ae0cbcbc72f82edea1e5d2d46e72
x86_64	fence-virt-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	3f93ac6b3289ca4adefdfb94679500493bb11d01942ac70f82037e0e75345472
x86_64	fence-virtd-multicast-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	4894076293394d15b360c94c19292b9a465ebc7b6d3145e818c15ded060a1b9a
x86_64	fence-agents-compute-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	b0e2c3b4fb8f63f87e86d46a110f5cffa66f2823c17c7169f39a9795d12096f8
x86_64	fence-virtd-libvirt-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	cc886b43604ddb8a65a6998ab758e6303ac4e9dd61b813b2115fa503647c75b3
x86_64	fence-virtd-serial-4.10.0-76.el9_5.4.alma.1.x86_64.rpm	fbb01609b03711d04f73c2b849923b72ca7051c13fe0fa670830c329d52dde68

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.