An update for pacemaker is now available for openEuler-20.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1900 Final 1.0 1.0 2022-09-09 Initial 2022-09-09 2022-09-09 openEuler SA Tool V1.0 2022-09-09 pacemaker security update An update for pacemaker is now available for openEuler-20.03-LTS-SP3. Pacemaker is an advanced, scalable High-Availability cluster resource manager. Security Fix(es): An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.(CVE-2020-25654) An update for pacemaker is now available for openEuler-20.03-LTS-SP3. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High pacemaker https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1900 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2020-25654 https://nvd.nist.gov/vuln/detail/CVE-2020-25654 openEuler-20.03-LTS-SP3 pacemaker-cli-2.0.3-3.oe1.aarch64.rpm pacemaker-2.0.3-3.oe1.aarch64.rpm pacemaker-debugsource-2.0.3-3.oe1.aarch64.rpm pacemaker-debuginfo-2.0.3-3.oe1.aarch64.rpm pacemaker-libs-devel-2.0.3-3.oe1.aarch64.rpm pacemaker-remote-2.0.3-3.oe1.aarch64.rpm pacemaker-cluster-libs-2.0.3-3.oe1.aarch64.rpm pacemaker-libs-2.0.3-3.oe1.aarch64.rpm pacemaker-nagios-plugins-metadata-2.0.3-3.oe1.noarch.rpm pacemaker-schemas-2.0.3-3.oe1.noarch.rpm pacemaker-cts-2.0.3-3.oe1.noarch.rpm pacemaker-doc-2.0.3-3.oe1.noarch.rpm pacemaker-2.0.3-3.oe1.src.rpm pacemaker-2.0.3-3.oe1.x86_64.rpm pacemaker-cli-2.0.3-3.oe1.x86_64.rpm pacemaker-debugsource-2.0.3-3.oe1.x86_64.rpm pacemaker-libs-2.0.3-3.oe1.x86_64.rpm pacemaker-remote-2.0.3-3.oe1.x86_64.rpm pacemaker-debuginfo-2.0.3-3.oe1.x86_64.rpm pacemaker-cluster-libs-2.0.3-3.oe1.x86_64.rpm pacemaker-libs-devel-2.0.3-3.oe1.x86_64.rpm An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration. 2022-09-09 CVE-2020-25654 openEuler-20.03-LTS-SP3 High 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H pacemaker security update 2022-09-09 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1900