RHSA-2024:2132 -- Redhat fence-agents, fence-virtID: oval:org.secpod.oval:def:509271 | Date: (C)2024-06-25 (M)2024-06-24 |
Class: PATCH | Family: unix |
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix: urllib3: Request body not stripped after redirect from 303 status changes request method to GET pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex jinja2: HTML attribute injection when passing user input as keys to xmlattr filter For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 9 |
Product: |
fence-agents |
fence-virt |