SUSE: 2016:2869-1 Important: Pacemaker IPC Issues Fixed
suse
November 22, 2016
An update that solves two vulnerabilities and has 5 fixes An update that solves two vulnerabilities and has 5 fixes An update that solves two vulnerabilities and has 5 fixes is now...
Summary
This update for pacemaker fixes the following issues: Security issues fixed: - CVE-2016-7797: Notify other clients of a new connection only if the handshake has completed (bsc#967388, bsc#1002767). - CVE-2016-7035: Fixed improper IPC guarding in pacemaker (bsc#1007433). Bug fixes: - bsc#1003565: crmd: Record pending operations in the CIB before they are performed - bsc#1000743: pengine: Do not fence a maintenance node if it shuts down cleanly - bsc#987348: ping: Avoid temporary files for fping check - bsc#986644: libcrmcommon: report errors consistently when waiting for data on connection - bsc#986644: remote: Correctly calculate the remaining timeouts when receiving messages Patch Instructions: To install this SUSE Security Update use YaST online_update.
References
#1000743 #1002767 #1003565 #1007433 #967388
#986644 #987348
Cross- CVE-2016-7035 CVE-2016-7797
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise High Availability 12-SP2
https://www.suse.com/security/cve/CVE-2016-7035.html
https://www.suse.com/security/cve/CVE-2016-7797.html
https://bugzilla.suse.com/1000743
https://bugzilla.suse.com/1002767
https://bugzilla.suse.com/1003565
https://bugzilla.suse.com/1007433
https://bugzilla.suse.com/967388
https://bugzilla.suse.com/986644
https://bugzilla.suse.com/987348
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2016:2869-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!