Two security issues were discovered in pcs, a corosync and pacemaker configuration tool: CVE-2022-1049 It was discovered that expired accounts were still able to login via PAM. CVE-2022-2735 Ondrej Mular discovered that incorrect permissions on a Unix socket setup for internal communication could result in privilege escalation.