[ubuntu/bionic-updates] pacemaker 1.1.18-0ubuntu1.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Apr 23 12:28:32 UTC 2019
pacemaker (1.1.18-0ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: DoS and local privilege escalation in client-server
authentication
- debian/patches/CVE-2018-1687x-1.patch: make crm_pid_active more
precise as to when detections fail in include/crm_internal.h,
lib/common/utils.c.
- debian/patches/CVE-2018-1687x-2.patch: add new helpers to allow IPC
client side to authenticate the server in configure.ac,
include/crm/common/Makefile.am, include/crm/common/ipc.h,
include/crm/common/ipc_internal.h, lib/common/ipc.c.
- debian/patches/CVE-2018-1687x-3.patch: pacemakerd to trust
pre-existing processes via new checks instead in mcp/pacemaker.c.
- debian/patches/CVE-2018-1687x-4.patch: other daemons to authenticate
IPC servers of fellow processes in lib/cluster/corosync.c,
lib/cluster/cpg.c, lib/common/ipc.c, mcp/corosync.c.
- debian/patches/CVE-2018-1687x-5.patch: CPG users to be careful about
now-more-probable rival processes in attrd/main.c, cib/main.c,
crmd/main.c, fencing/main.c, lib/cluster/cpg.c.
- debian/patches/CVE-2018-1687x-6.patch: fix possible NULL pointer
dereference in crmd/control.c.
- debian/libcrmcommon3.symbols: added new symbols.
- CVE-2018-16877
- CVE-2018-16878
* SECURITY UPDATE: information disclosure via use-after-free
- debian/patches/CVE-2019-3885.patch: fix alert handling in
lib/services/services.c, lib/services/services_linux.c.
- CVE-2019-3885
Date: 2019-04-18 13:45:14.574875+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/pacemaker/1.1.18-0ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list