Oracle alert ELSA-2018-1060 (pcs)

From:
    	       Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 
To:
    	       el-errata@oss.oracle.com 
Subject:
    	       [El-errata] ELSA-2018-1060 Important: Oracle Linux 7 pcs security update 
Date:
    	       Mon, 30 Apr 2018 18:07:19 -0700
Message-ID:
    	       <94ce52d5-6230-52dd-bdbb-be198a781c66@oracle.com>
Oracle Linux Security Advisory ELSA-2018-1060

http://linux.oracle.com/errata/ELSA-2018-1060.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
pcs-0.9.162-5.0.3.el7_5.1.x86_64.rpm
pcs-snmp-0.9.162-5.0.3.el7_5.1.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/pcs-0.9.162-5.0.3...

Description of changes:

[0.9.162-5.0.3.el7_5.1]
- Unlike RHEL we DO have corosync/pacemaker for aarch64 on EL7
- replace logo pcsd/public/favicon.ico in tarball
- remove Source1 HAM-logo.png

[0.9.162-5.el7_5.1]
- Fixed CVE-2018-1086 pcs: Debug parameter removal bypass, allowing 
information disclosure
- Fixed CVE-2018-1079 pcs: Privilege escalation via authorized user 
malicious REST call
- Fixed CVE-2018-1000119 rack-protection: Timing attack in 
authenticity_token.rb
- Resolves: rhbz#1557253

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

From:		Errata Announcements for Oracle Linux <el-errata@oss.oracle.com>
To:		el-errata@oss.oracle.com
Subject:		[El-errata] ELSA-2018-1060 Important: Oracle Linux 7 pcs security update
Date:		Mon, 30 Apr 2018 18:07:19 -0700
Message-ID:		<94ce52d5-6230-52dd-bdbb-be198a781c66@oracle.com>