An update for pacemaker is now available for openEuler-20.03-LTS-SP3
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2022-1900
Final
1.0
1.0
2022-09-09
Initial
2022-09-09
2022-09-09
openEuler SA Tool V1.0
2022-09-09
pacemaker security update
An update for pacemaker is now available for openEuler-20.03-LTS-SP3.
Pacemaker is an advanced, scalable High-Availability cluster resource manager.
Security Fix(es):
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration. (CVE-2020-25654)
openEuler Security has rated this update as having a security impact of high. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
High
pacemaker
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1900
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2020-25654
https://nvd.nist.gov/vuln/detail/CVE-2020-25654
openEuler-20.03-LTS-SP3
pacemaker-cli-2.0.3-3.oe1.aarch64.rpm
pacemaker-2.0.3-3.oe1.aarch64.rpm
pacemaker-debugsource-2.0.3-3.oe1.aarch64.rpm
pacemaker-debuginfo-2.0.3-3.oe1.aarch64.rpm
pacemaker-libs-devel-2.0.3-3.oe1.aarch64.rpm
pacemaker-remote-2.0.3-3.oe1.aarch64.rpm
pacemaker-cluster-libs-2.0.3-3.oe1.aarch64.rpm
pacemaker-libs-2.0.3-3.oe1.aarch64.rpm
pacemaker-nagios-plugins-metadata-2.0.3-3.oe1.noarch.rpm
pacemaker-schemas-2.0.3-3.oe1.noarch.rpm
pacemaker-cts-2.0.3-3.oe1.noarch.rpm
pacemaker-doc-2.0.3-3.oe1.noarch.rpm
pacemaker-2.0.3-3.oe1.src.rpm
pacemaker-2.0.3-3.oe1.x86_64.rpm
pacemaker-cli-2.0.3-3.oe1.x86_64.rpm
pacemaker-debugsource-2.0.3-3.oe1.x86_64.rpm
pacemaker-libs-2.0.3-3.oe1.x86_64.rpm
pacemaker-remote-2.0.3-3.oe1.x86_64.rpm
pacemaker-debuginfo-2.0.3-3.oe1.x86_64.rpm
pacemaker-cluster-libs-2.0.3-3.oe1.x86_64.rpm
pacemaker-libs-devel-2.0.3-3.oe1.x86_64.rpm
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.
2022-09-09
CVE-2020-25654
openEuler-20.03-LTS-SP3
High
7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
pacemaker security update
2022-09-09
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1900