Debian Security Advisory 5226-1

Debian Security Advisory 5226-1: Posted Sep 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5226-1 - Two security issues were discovered in pcs, a corosync and pacemaker configuration tool.; tags | advisory; systems | linux, debian; advisories | CVE-2022-1049, CVE-2022-2735; SHA-256 | 6063675b6309f8ba39ab444e7fce5c743b477418ff598c15909fc9e571447b45; Download | Favorite | View

Debian Security Advisory 5226-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5226-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 06, 2022                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pcs
CVE ID         : CVE-2022-1049 CVE-2022-2735
Debian Bug     : 1018930

Two security issues were discovered in pcs, a corosync and pacemaker
configuration tool:

CVE-2022-1049

    It was discovered that expired accounts were still able to login
    via PAM.

CVE-2022-2735

    Ondrej Mular discovered that incorrect permissions on a Unix socket
    setup for internal communication could result in privilege escalation.

For the stable distribution (bullseye), these problems have been fixed in
version 0.10.8-1+deb11u1.

We recommend that you upgrade your pcs packages.

For the detailed security status of pcs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pcs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmMXrBoACgkQEMKTtsN8
TjZbNw/+JEaehkReY/Lbozb1EcscbhLLYzXr46nidKH5KBOmKmtDKBP9mircsPnD
P57YR1Ce/N7BYfNmRTwTj69u20Ed9YlwiYCri1reQ9i+JwUysrKj/vul4d0KEUEN
yN72XJHXZvrWDuS52rhncybvGsnaiubSajUCPj6QfuACCZC7FiNCBJUeR7ppcOOu
SeXTT0fYFuzugWzo4PnjumekxlPCr4xZXnhM8wW9TLA7Xn5R6Pzdu3YjrcjbWH9G
Wl4GqWY1+Nw4ST20vfAQdQ2/jIO5hCRWwXAdUoRKqsoop6d/Pco9bY3YLPhtn+4r
SBkKDQHJDd5Ofn8aO3znmPFEnmEHt5z0L+smS5DhLNBEe9LxyQB2Wcihy4FDlMya
YgbnhOQFRKare7Nrb4FLHubO7meeQC+4QWl2NAHyEs5FY60BjHlhxXSv5QaQi42B
sC6NX4+D36lY0eoyZXLLeLX5Y3kIolA+cA+0LraqjgL4epkU7kkgPtNcEPmdl05W
0RWKPaoLnk3ZBA38QSsJG9A7V+zKqI57aD2N2NgIBQG771XnPjvHDNmEV4ym/U56
o+CJYfJaIRRgyPUUX0EhyjNIo2/N5mzMyowvC5Z5zD/PmFWayO+++Pr0rsVo3k1D
LOZzwYngWQYLiNev+GRsE6rlTRC6KlZRZl1DdyNtYNHuzBDGrU8=
=Ld4t
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 288 files
Ubuntu 102 files
Gentoo 29 files
indoushka 26 files
Debian 17 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
jheysel-r7 2 files
Pierre Kim 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

Debian Security Advisory 5226-1

Debian Security Advisory 5226-1

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5226-1

Share This

Debian Security Advisory 5226-1

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems