Fedora: 2017-04-03 Moderate Security Update for pcs XSS Vulnerability

fedora

April 3, 2017

- Security fix for CVE-2017-2661: Improper node name field validation when creating clusters leads to XSS - Re-added support for clufter as it is now available for Python 3

Summary

pcs is a corosync and pacemaker configuration tool. It permits users to

easily view, modify and create pacemaker based clusters.

Update Information:

- Security fix for CVE-2017-2661: Improper node name field validation when creating clusters leads to XSS - Re-added support for clufter as it is now available for Python 3

Topics Covered

security advisory update Fedora XSS configuration tool pcs Python 3 support

Change Log

References

[ 1 ] Bug #1428948 - CVE-2017-2661 pcs: Improper node name field validation when creating clusters leads to XSS https://bugzilla.redhat.com/show_bug.cgi?id=1428948

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade pcs' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity

important

Lowest

Low

Medium

High

Critical

Name: pcs

Product: Fedora 24

Version: 0.9.156

Release: 2.fc24

URL: https://github.com/ClusterLabs/pcs

Summary: Pacemaker Configuration System

Topics Covered

security advisory update Fedora XSS configuration tool pcs Python 3 support

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks