Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Fedora 21 Pacemaker Security Update - CVE-2015-1867 Critical Fix

fedora
Calendar Grey November 1, 2015
Dist Fedora Esm H88
This security bulletin outlines information regarding CVE-2015-1867 in the Fedora 21 pacemaker, featuring essential updates and resolutions.
Security fix for CVE-2015-1867: issue allegedly present in pacemaker-1.1.12, fixed in pacemaker-1.1.13

Summary

Pacemaker is an advanced, scalable High-Availability cluster resource

manager for Corosync, CMAN and/or Linux-HA.

It supports more than 16 node clusters with significant capabilities

for managing resources and dependencies.

It will run scripts at initialization, when machines go up or down,

when related resources fail and can be configured to periodically check

resource health.

Available rpmbuild rebuild options:

--with(out) : doc coverage profiling pre_release upstart_job

Update Information:

Security fix for CVE-2015-1867: issue allegedly present in pacemaker-1.1.12, fixed in pacemaker-1.1.13. * * * pacemaker-1.1.13-3.fc{21,22,23} - Update to Pacemaker-1.1.13 post-release + patches (sync) - Add nagios-plugins-metadata subpackage enabling support of selected Nagios plugins as resources recognized by Pacemaker - Several specfile improvements: drop irrelevant stuff, rehash the included/excluded files + dependencies, add check scriptlet, reflect current packaging practice, do minor cleanups (mostly adopted from another spec)

Change Log

References


[ 1 ] Bug #1211370 - CVE-2015-1867 pacemaker: acl read-only access allow role assignment https://bugzilla.redhat.com/show_bug.cgi?id=1211370

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update pacemaker' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: pacemaker
Product: Fedora 21
Version: 1.1.13
Release: 3.fc21
Summary: Scalable High-Availability cluster resource manager

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.