
SUSE: 2020:3073-1 Critical IPC Vulnerability Detected in Pacemaker

October 28, 2020
Addresses critical vulnerabilities relating to pacemaker in SUSE Linux Enterprise. Detailed guidance for updating is provided.
An update that solves one vulnerability and has three fixes is now available.

Summary

This update for pacemaker fixes the following issues:

- executor: restrict certain IPC requests to Pacemaker daemons (CVE-2020-25654, bsc#1177916)
- extra: add vim modelines to agents
- extra: quote shell variables in agent code where appropriate (bsc#1175557)
- extra: remove trailing whitespace from agent code
- extra: update agent boilerplate (copyright/license notices)
- extra: use 4-space indents in resource agent code
- extra: use ":=" where appropriate in agent code
- fencer: restrict certain IPC requests to privileged users (CVE-2020-25654, bsc#1177916)
- move bcond_with/without up front for e.g. pcmk_release
- pacemakerd: ignore shutdown requests from unprivileged users (CVE-2020-25654, bsc#1177916)
- rpm: add spec option for enabling CIB secrets
- rpm: put user-configurable items at top of spec

References

#1167171 #1173668 #1175557 #1177916

Cross-References: CVE-2020-25654

Affected Products:

SUSE Linux Enterprise High Availability 15-SP1

https://www.suse.com/security/cve/CVE-2020-25654.html

https://bugzilla.suse.com/1167171

https://bugzilla.suse.com/1173668

https://bugzilla.suse.com/1175557

https://bugzilla.suse.com/1177916

Severity
important

Announcement ID: SUSE-SU-2020:3073-1
Rating: important
