Overview

File _patchinfo of Package patchinfo.12398

<patchinfo incident="12398">
  <issue tracker="bnc" id="1032511">Resource unnecessarily restarts after cleaning up a dependency resource</issue>
  <issue tracker="bnc" id="1130122">crm cleanup caused unnecessary resource restart</issue>
  <issue tracker="bnc" id="1127716">pacemaker: reordering of a group with a blocked device make additional changes</issue>
  <issue tracker="bnc" id="1136712">crmd crashes on updating Pacemaker with SIGABRT, cib address in already in use</issue>
  <issue tracker="bnc" id="1131356">VUL-0: CVE-2018-16877: pacemaker:  Insufficient local IPC client-server authentication on the client's side</issue>
  <issue tracker="bnc" id="1140519">crm cleanup rsc does not always work on blocked resources</issue>
  <issue tracker="bnc" id="1131353">VUL-0: CVE-2018-16878: pacemaker: Insufficient verification inflicted preference of uncontrolled processes</issue>
  <issue tracker="bnc" id="1135317">Clear Failed Fencing Actions Messages Not working</issue>
  <issue tracker="bnc" id="1133866">L3: Cleaning up a SAPHana M/S resource causes a 10 minute delay on cluster transition</issue>
  <issue tracker="cve" id="2018-16878"/>
  <issue tracker="cve" id="2018-16877"/>
  <category>security</category>
  <rating>important</rating>
  <packager>yan_gao</packager>
  <description>This update for pacemaker fixes the following issues:

Security issues fixed:

- CVE-2018-16877: Fixed insufficient local IPC client-server authentication on the client's side. (bsc#1131356)
- CVE-2018-16878: Fixed insufficient verification inflicted preference of uncontrolled processes (bsc#1131353)

Other issues fixed:

- stonith_admin --help: specify the usage of --cleanup (bsc#1135317)
- scheduler: wait for probe actions to complete to prevent unnecessary restart/re-promote of dependent resources (bsc#1130122, bsc#1032511)
- controller: confirm cancel of failed monitors (bsc#1133866)
- controller: improve failed recurring action messages (bsc#1133866)
- controller: directly acknowledge unrecordable operation results (bsc#1133866)
- controller: be more tolerant of malformed executor events (bsc#1133866)
- libcrmcommon: return error when applying XML diffs containing unknown operations (bsc#1127716)
- libcrmcommon: avoid possible use-of-NULL when applying XML diffs (bsc#1127716)
- libcrmcommon: correctly apply XML diffs with multiple move/create changes (bsc#1127716)
- libcrmcommon: return proper code if testing pid is denied (bsc#1131353, bsc#1131356)
- libcrmcommon: avoid use-of-NULL when checking whether process is active (bsc#1131353, bsc#1131356)
- tools: run main loop for crm_resource clean-up with resource (bsc#1140519)
- contoller,scheduler: guard hash table deletes (bsc#1136712)
</description>
  <summary>Security update for pacemaker</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places