[ALSA-2025:20962] Important: pcs security update
Type:
security
Severity:
important
Release date:
2025-12-01
Description:
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)
* rack: Rack's multipart parser buffers large non-file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)
* rack: Rack memory exhaustion denial of service (CVE-2025-61772)
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
ppc64le pcs-0.11.10-1.el9_7.1.ppc64le.rpm 5102360b59337949189a0c41f0f8dc7d944cd16d2e90b8e7d6e794fede7919a5
ppc64le pcs-snmp-0.11.10-1.el9_7.1.ppc64le.rpm 9e6289da5120ab0853da8020a0ebfa5655a73b53799d03ba8695151bc0eeed96
s390x pcs-0.11.10-1.el9_7.1.s390x.rpm 4a55abbf3df92ac782dfc8a41a721ad0747b94b40576046ca7563c3bbb07f7ec
s390x pcs-snmp-0.11.10-1.el9_7.1.s390x.rpm 74b30ffa9909e408bfaa38363b9c89ad4f58eb809806dc05baec574376045caa
x86_64 pcs-snmp-0.11.10-1.el9_7.1.x86_64.rpm 49b55c1add996f92b05ae1b87d487778f7600a7cec1c80622dad873562ac181a
x86_64 pcs-0.11.10-1.el9_7.1.x86_64.rpm bcb159016b074cd207f0a45de053ea1ad61103682f70950e086aae5b89a96771
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.