Hash: SHA256

                   Red Hat Security Advisory

Synopsis:          Low: pcs security, bug fix, and enhancement update
Advisory ID:       RHSA-2021:4142-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:4142
Issue date:        2021-11-09
CVE Names:         CVE-2020-7656 CVE-2020-11023 

1. Summary:

An update for pcs is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux HighAvailability (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux ResilientStorage (v. 8) - ppc64le, s390x, x86_64

3. Description:

The pcs packages provide a command-line configuration system for the
Pacemaker and Corosync utilities.

The following packages have been upgraded to a later upstream version: pcs
(0.10.10). (BZ#1935594)

Security Fix(es):

* jquery: Cross-site scripting (XSS) via