You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa pcs

Sigurnosni nedostaci programskog paketa pcs

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4169-1 security@debian.org
https://www.debian.org/security/ Yves-Alexis Perez
April 11, 2018 https://www.debian.org/security/faq
– ————————————————————————-

Package : pcs
CVE ID : CVE-2018-1086
Debian Bug : 895313

Cédric Buissart from Red Hat discovered an information disclosure bug in pcs, a
pacemaker command line interface and GUI. The REST interface normally doesn’t
allow passing –debug parameter to prevent information leak, but the check
wasn’t sufficient.

For the stable distribution (stretch), this problem has been fixed in
version 0.9.155+dfsg-2+deb9u1.

We recommend that you upgrade your pcs packages.

For the detailed security status of pcs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pcs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlrNxsYACgkQ3rYcyPpX
RFsDlggAy2SHmo+lw4mEkodTH6bISba9cSLBBkalg4bhPmWLHnDw9PFIrUKV6HzB
RoNzoMrsJsi4NDutw0aV9YjyuLYd/OmX8rMP/4zaI/bA4wMkz2EBQ6TkTGIlbYl7
ljTZWSBflfAqU18zIf1gH7jkDN+M3EkWfyJJVCj3KRRwMOCJtgL0GLAJLDB3jn41
Np56spr5F2i+iscpPYVDpJLrPp7A0d+HaVTMLhdlpTK09iUiLiH42MdvYgfdU3z3
LV77zWBR4VgUkqbYcfx2GHupstwC5toYDg771Ukaj69T2N/45wOthlUcSY4dQZlH
8g9WbQwWVJBR4P01nKeUuN/FWgpHtA==
=oRuL
—–END PGP SIGNATURE—–

AutorPetar Bertok
Cert idNCERT-REF-2018-04-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top