RLSA-2023:2652 --- pcsID: oval:org.secpod.oval:def:5800170 | Date: (C)2023-06-19 (M)2024-04-29 |
Class: PATCH | Family: unix |
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix: * pcs: webpack: Regression of CVE-2023-28154 fixes in the Rocky Linux * rubygem-rack: Denial of service in Multipart MIME parsing * rubygem-rack: denial of service in header parsing For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Command "pcs config checkpoint diff" does not show configuration differences between checkpoints * Need a way to add a scsi fencing device to a cluster without requiring a restart of all cluster resources * [WebUI] fence levels prevent loading of cluster status