Fedora 34: keepalived 2021-255eff1bb5 | LinuxSecurity.com

Advisories

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-255eff1bb5
2021-12-23 01:25:07.749465
--------------------------------------------------------------------------------

Name        : keepalived
Product     : Fedora 34
Version     : 2.2.4
Release     : 2.fc34
URL         : https://www.keepalived.org/
Summary     : High Availability monitor built upon LVS, VRRP and service pollers
Description :
Keepalived provides simple and robust facilities for load balancing
and high availability to Linux system and Linux based infrastructures.
The load balancing framework relies on well-known and widely used
Linux Virtual Server (IPVS) kernel module providing Layer4 load
balancing. Keepalived implements a set of checkers to dynamically and
adaptively maintain and manage load-balanced server pool according
their health. High availability is achieved by VRRP protocol. VRRP is
a fundamental brick for router failover. In addition, keepalived
implements a set of hooks to the VRRP finite state machine providing
low-level and high-speed protocol interactions. Keepalived frameworks
can be used independently or all together to provide resilient
infrastructures.

--------------------------------------------------------------------------------
Update Information:

Fix dbus policy (#2027158, CVE-2021-442255)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 14 2021 Ryan O'Hara  - 2.2.4-2
- Fix dbus policy (#2027158, CVE-2021-442255)
* Tue Dec 14 2021 Ryan O'Hara  - 2.2.4-1
- Update to 2.2.4 (#1996274)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1996274 - keepalived-2.2.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1996274
  [ 2 ] Bug #2027158 - CVE-2021-44225 keepalived: dbus access control bypass [fedora-34]
        https://bugzilla.redhat.com/show_bug.cgi?id=2027158
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-255eff1bb5' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 34: keepalived 2021-255eff1bb5

December 22, 2021

Summary

Keepalived provides simple and robust facilities for load balancing

and high availability to Linux system and Linux based infrastructures.

The load balancing framework relies on well-known and widely used

Linux Virtual Server (IPVS) kernel module providing Layer4 load

balancing. Keepalived implements a set of checkers to dynamically and

adaptively maintain and manage load-balanced server pool according

their health. High availability is achieved by VRRP protocol. VRRP is

a fundamental brick for router failover. In addition, keepalived

implements a set of hooks to the VRRP finite state machine providing

low-level and high-speed protocol interactions. Keepalived frameworks

can be used independently or all together to provide resilient

infrastructures.

Update Information:

Fix dbus policy (#2027158, CVE-2021-442255)

Change Log

* Tue Dec 14 2021 Ryan O'Hara - 2.2.4-2 - Fix dbus policy (#2027158, CVE-2021-442255) * Tue Dec 14 2021 Ryan O'Hara - 2.2.4-1 - Update to 2.2.4 (#1996274)

References

[ 1 ] Bug #1996274 - keepalived-2.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1996274 [ 2 ] Bug #2027158 - CVE-2021-44225 keepalived: dbus access control bypass [fedora-34] https://bugzilla.redhat.com/show_bug.cgi?id=2027158

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-255eff1bb5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : keepalived
Product : Fedora 34
Version : 2.2.4
Release : 2.fc34
URL : https://www.keepalived.org/
Summary : High Availability monitor built upon LVS, VRRP and service pollers

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.