ALSA-2026:10710

[ALSA-2026:10710] Important: pcs security update

Type:

security

Severity:

important

Release date:

2026-04-28

Description:

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.  

Security Fix(es):  

  * lodash: lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
ppc64le	pcs-snmp-0.11.10-1.el9_7.3.ppc64le.rpm	2c2322695018a3318a4fecfe94d69a480c6c1a5cac16b0a6022105b6440a8dad
ppc64le	pcs-0.11.10-1.el9_7.3.ppc64le.rpm	ce98cc2b0796bb10b102ebf38388261c9a09f89edeed30c1dbf6f770540f5558
s390x	pcs-0.11.10-1.el9_7.3.s390x.rpm	8376722c58372554ee4120f2e6e0189c212662f07e1f4f0ba135faa7606966f2
s390x	pcs-snmp-0.11.10-1.el9_7.3.s390x.rpm	d25f8c18d332443845115e47e3b4fcc9c11c0dadf0568ac0225698b40f36104f
x86_64	pcs-snmp-0.11.10-1.el9_7.3.x86_64.rpm	9fdbeea3180046934993d07147392b2cab8b09743b0c5654087930d920730178
x86_64	pcs-0.11.10-1.el9_7.3.x86_64.rpm	ae0c1602b27c0692045db2324d5ec59eeb21b256b529bbed92c9eda7c74961ab

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.