File _patchinfo of Package patchinfo.23998

<patchinfo incident="23998">
  <issue tracker="bnc" id="1021689">AUDIT-TRACKER: resource-agents: ocfmon user created with "OCFMON" as default password</issue>
  <issue tracker="bnc" id="1146687">AUDIT-FIND: resource-agents: Static default credentials</issue>
  <issue tracker="bnc" id="1146690">AUDIT-FIND: resource-agents: Predictable tmp file in sapdb-nosha.sh</issue>
  <issue tracker="bnc" id="1146691">AUDIT-FIND: resource-agents: Predictable log file in /tmp in mariadb.in</issue>
  <issue tracker="bnc" id="1146692">AUDIT-FIND: resource-agents: Predictable tmp file in ClusterMon</issue>
  <issue tracker="bnc" id="1146766">AUDIT-FIND: resource-agents: Insecure default tmp file name in openstack-cinder-volume</issue>
  <issue tracker="bnc" id="1146776">AUDIT-FIND: resource-agents: Code execution via insecure tmp files in db2</issue>
  <issue tracker="bnc" id="1146784">AUDIT-FIND: resource-agents: Static tmp file in drbd.linbit</issue>
  <issue tracker="bnc" id="1146785">AUDIT-FIND: resource-agents: Static tmp file in oradg.sh.in</issue>
  <issue tracker="bnc" id="1146787">AUDIT-FIND: resource-agents: Static tmp file in caselib.in</issue>
  <issue tracker="bnc" id="1197956">L3: resource-agents: oracle RA lists monpassword as optional but fails unless provided</issue>
  <issue tracker="bnc" id="1199766"/>
  <issue tracker="bnc" id="1196164"/>
  <packager>varkoly</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for resource-agents</summary>
  <description>This update for resource-agents fixes the following issues:

Security:
- Fixed unsafe tmp files and tmp files directory. (bsc#1146690, bsc#1146691, bsc#1146692, bsc#1146766, bsc#1146776,
  bsc#1146784, bsc#1146785, bsc#1146787)
- Created ocfmon user no longer has a default password. If no password is set, the user will not be created.
  (bsc#1021689, bsc#1146687)
</description>
</patchinfo>