RHBA-2016:1658 - Bug Fix Advisory

Topic

Updated cman packages that fix one bug are now available for Red Hat Enterprise
Linux 5.

Description

The Cluster Manager (cman) utility provides user-level services for managing a
Linux cluster.

This update fixes the following bug:

• Due to security concerns, the Secure Sockets Layer version 3 (SSLv3)

has been deprecated on the Cisco Unified Computing System (UCS) hardware
with the UCS firmware. However, the prior version of the fence_cisco_ucs fence
agent did not allow the Transport Layer Security version 1 (TLSv1) protocol
version to be used instead. As a consequence, fence_cisco_ucs did not work with
Cisco UCS devices running the latest firmware, which could cause security
issues. The underlying code has been fixed so that fence_cisco_ucs now uses
TLSv1.3 instead of SSLv3. Now, fence_cisco_ucs works as expected with Cisco UCS
hardware running the latest firmware. (BZ#1321592)

• Fence agents that connected using the SSH protocol previously failed to log in

if an identity file was used as the method of authentication. The bug has been
fixed, and the aforementioned fence agents now successfully authenticate through
an identity file. (BZ#1206604)

Users of cman are advised to upgrade to these updated packages, which fix this
bug.

Solution

Before applying this update, make sure all previously released errata relevant
to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for Power, big endian 5 ppc

Fixes

CVEs

(none)

References

(none)