Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Red Hat Enterprise Linux 8: RHSA-2021:4142-01 Low: pcs Update

red hat
Calendar Grey November 9, 2021
Dist Redhat Esm H88
An advisory for pcs updates in Red Hat, addressing low severity issues with security impacts on enterprise systems.
An update for pcs is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
The following packages have been upgraded to a later upstream version: pcs (0.10.10). (BZ#1935594)
Security Fix(es):
* jquery: Cross-site scripting (XSS) via

Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2021:4142-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4142
Issue date: 2021-11-09

Topic

An update for pcs is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Low. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat XSS low severity pcs update untrusted code execution

Relevant Releases Architectures

Red Hat Enterprise Linux HighAvailability (v. 8) - aarch64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux ResilientStorage (v. 8) - ppc64le, s390x, x86_64

Bugs Fixed

1290830 - [RFE] pcs command is missing a way to retrieve the status of a single resource

1432097 - pcs status nodes shows incomplete information when both standby and maintenance modes are set for a node

1678273 - Moving the last resource from a group may result in an invalid CIB

1690419 - Improve guest node error message when pacemaker_remote is running

1720221 - [RFE] Add support for corosync option totem.block_unlisted_ips

1759995 - [RFE] Need ability to add/remove storage devices with scsi fencing

1841019 - [TechPreview Exit][RFE] Add a 'local' cluster setup command

1850004 - CVE-2020-11023 jquery: Untrusted code execution via

1850119 - CVE-2020-7656 jquery: Cross-site scripting (XSS) via

Your message here