Ubuntu Security Notice 3462-1 - Jan PokornA1/2 and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker could possibly use this issue to shut down connections, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
4384b399869b60d559505c227d7dc753f73aa1b36d2bf6994fcaa90ab5ac8b80
Red Hat Security Advisory 2016-2578-02 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. The following packages have been upgraded to a newer upstream version: pacemaker. Security Fix: It was found that the connection between a pacemaker cluster and a pacemaker_remote node could be shut down using a new unauthenticated connection. A remote attacker could use this flaw to cause a denial of service.
2460ab8eda8338aedda405b0fa29d1e926a6a23a7a588b52cc1626f20980a5e4