Fedora alert FEDORA-2015-8788 (pcs)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 21 Update: pcs-0.9.137-4.fc21 | |
| Date: | Thu, 04 Jun 2015 20:16:31 +0000 | |
| Message-ID: | <20150604201632.93047608A486@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-8788 2015-05-25 20:39:54 -------------------------------------------------------------------------------- Name : pcs Product : Fedora 21 Version : 0.9.137 Release : 4.fc21 URL : http://github.com/feist/pcs Summary : Pacemaker Configuration System Description : pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and created pacemaker based clusters. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed) -------------------------------------------------------------------------------- ChangeLog: * Fri May 22 2015 Tomas Jelinek <tojeline@redhat.com> - 0.9.137-4 - Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed) * Fri Mar 27 2015 Tomas Jelinek <tojeline@redhat.com> - 0.9.137-3 - Fixed postinstall, preuninstall and postuinstall scripts (rhbz#1096224) * Wed Dec 17 2014 Chris Feist <cfeist@redhat.com> - 0.9.137-2 - Bind to 0.0.0.0 instead of ipv6 address by default * Tue Dec 16 2014 Chris Feist <cfeist@redhat.com> - 0.9.137-1 - Re-synced to upstream sources -------------------------------------------------------------------------------- References: [ 1 ] Bug #1208294 - CVE-2015-1848 CVE-2015-3983 pcs: improper web session variable signing https://bugzilla.redhat.com/show_bug.cgi?id=1208294 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pcs' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...