Synopsis: Moderate: pacemaker security, bug fix, and enhancement update
Advisory ID: SLSA-2016:2578-2
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-7797
—
The following packages have been upgraded to a newer upstream version:
pacemaker (1.1.15).
Security Fix(es):
* It was found that the connection between a pacemaker cluster and a
pacemaker_remote node could be shut down using a new unauthenticated
connection. A remote attacker could use this flaw to cause a denial of
service. (CVE-2016-7797)
Additional Changes:
—
SL7
x86_64
pacemaker-1.1.15-11.el7.x86_64.rpm
pacemaker-cli-1.1.15-11.el7.x86_64.rpm
pacemaker-cluster-libs-1.1.15-11.el7.i686.rpm
pacemaker-cluster-libs-1.1.15-11.el7.x86_64.rpm
pacemaker-cts-1.1.15-11.el7.x86_64.rpm
pacemaker-debuginfo-1.1.15-11.el7.i686.rpm
pacemaker-debuginfo-1.1.15-11.el7.x86_64.rpm
pacemaker-doc-1.1.15-11.el7.x86_64.rpm
pacemaker-libs-1.1.15-11.el7.i686.rpm
pacemaker-libs-1.1.15-11.el7.x86_64.rpm
pacemaker-libs-devel-1.1.15-11.el7.i686.rpm
pacemaker-libs-devel-1.1.15-11.el7.x86_64.rpm
pacemaker-nagios-plugins-metadata-1.1.15-11.el7.x86_64.rpm
pacemaker-remote-1.1.15-11.el7.x86_64.rpm
– Scientific Linux Development Team
