Joined: 12 May 2004
|Posted: Sun Oct 08, 2017 8:26 pm Post subject: [ GLSA 201710-08 ] Pacemaker
|Gentoo Linux Security Advisory
Title: Pacemaker: Multiple vulnerabilities (GLSA 201710-08)
Exploitable: local, remote
Bug(s): #546550, #599194
Multiple vulnerabilities have been found in Pacemaker, the worst of
which could result in the execution of arbitrary code.
Pacemaker is an Open Source, High Availability resource manager suitable
for both small and large clusters.
Vulnerable: < 1.1.16
Unaffected: >= 1.1.16
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Pacemaker. Please
review the referenced CVE identifiers for details.
A remote attacker could execute arbitrary code or a local attacker could
There is no known workaround at this time.
All Pacemaker users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-1.1.16 "