RHSA-2007:0640 - Security Advisory

Topic

Updated conga packages that correct a security flaw and provide bug fixes
and add enhancements are now available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The Conga package is a web-based administration tool for remote cluster and
storage management.

A flaw was found in ricci during a code audit. A remote attacker who is
able to connect to ricci could cause ricci to temporarily refuse additional
connections, a denial of service (CVE-2007-4136).

Fixes in this updated package include:

• The nodename is now set for manual fencing.
• The node log no longer displays in random order.
• A bug that prevented a node from responding when a cluster was deleted is

now fixed.

• A PAM configuration that incorrectly called the deprecated module

pam_stack was removed.

• A bug that prevented some quorum disk configurations from being accepted

is now fixed.

• Setting multicast addresses now works properly.
• rpm -V on luci no longer fails.
• The user interface rendering time for storage interface is now faster.
• An error message that incorrectly appeared when rebooting nodes during

cluster creation was removed.

• Cluster snaps configuration (an unsupported feature) has been removed

altogether to prevent user confusion.

• A user permission bug resulting from a luci code error is now fixed.
• luci and ricci init script return codes are now LSB-compliant.
• VG creation on cluster nodes now defaults to "clustered".
• An SELinux AVC bug that prevented users from setting up shared storage on

nodes is now fixed.

• An access error that occurred when attempting to access a cluster node

after its cluster was deleted is now fixed.

• IP addresses can now be used to create clusters.
• Attempting to configure a fence device no longer results in an

AttributeError.

• Attempting to create a new fence device to a valid cluster no longer

results in a KeyError.

• Several minor user interface validation errors have been fixed, such as

enforcing cluster name length and fence port, etc.

• A browser lock-up that could occur during storage configuration has been

fixed.

• Virtual service creation now works without error.
• The fence_xvm tag is no longer misspelled in the cluster.conf file.
• Luci failover forms are complete and working.
• Rebooting a fresh cluster install no longer generates an error message.
• A bug that prevented failed cluster services from being started is now

fixed.

• A bug that caused some cluster operations (e.g., node delete) to fail on

clusters with mixed-cased cluster names is now fixed.

• Global cluster resources can be reused when constructing cluster

services.

Enhancements in this updated package include:

• Users can now access Conga through Internet Explorer 6.
• Dead nodes can now be evicted from a cluster.
• Shared storage on new clusters is now enabled by default.
• The fence user-interface flow is now simpler.
• A port number is now shown in ricci error messages.
• The kmod-gfs-xen kernel module is now installed when creating a cluster.
• Cluster creation status is now shown visually.
• User names are now sorted for display.
• The fence_xvmd tag can now be added from the dom0 cluster nodes.
• The ampersand character (&) can now be used in fence names.
• All packaged files are now installed with proper owners and permissions.
• New cluster node members are now properly initialized.
• Storage operations can now be completed even if an LVM snapshot is present.
• Users are now informed via dialog when nodes are rebooted as part of a

cluster operation.

• Failover domains are now properly listed for virtual services and

traditional clustered services.

• Luci can now create and distribute keys for fence_xvmd.

All Conga users are advised to upgrade to this update, which applies these
fixes and enhancements.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux High Availability for x86_64 5 x86_64
• Red Hat Enterprise Linux High Availability for x86_64 5 ia64
• Red Hat Enterprise Linux High Availability for x86_64 5 i386
• Red Hat Enterprise Linux High Availability (for RHEL Server) from RHUI 5 x86_64
• Red Hat Enterprise Linux High Availability (for RHEL Server) from RHUI 5 i386

Fixes

• BZ - 212006 - create cluster does not show status as cluster is being created
• BZ - 212022 - cannot create cluster using ip addresses
• BZ - 213083 - luci - should display usernames in some logical/sorted order (usability)
• BZ - 218964 - luci - adding node to a cluster - confirm dialog displays cluster name in place of node name (minor)
• BZ - 221899 - Node log displayed in partially random order
• BZ - 222051 - Combining reauthentication/deletion options in one luci display can cause user confusion (usability - post RHEL5 GA)
• BZ - 223162 - Error trying to create a new fence device for a cluster node
• BZ - 224011 - SELinux AVC denied { read } for pid=2390 comm="mdadm" - accessing storage on a node
• BZ - 225164 - Conga allows creation/rename of clusters with name greater than 15 characters
• BZ - 225206 - Cluster cannot be deleted (from 'Manage Systems') - but no error results
• BZ - 225588 - luci web app does not enforce selection of fence port
• BZ - 225747 - Create/delete cluster - then access disk on node = Generic error on host: cluster tools: cman_tool errored
• BZ - 225782 - Need more luci service information on startup - no info written to log about failed start cause
• BZ - 226700 - cman cluster needs restart when going from >=3 to 2 nodes and 2 to >= 3 nodes
• BZ - 227682 - saslauthd[2274]: Deprecated pam_stack module called from service "ricci"
• BZ - 227743 - Intermittent/recurring problem - when cluster is deleted, sometimes a node is not affected
• BZ - 227758 - Entering bad password when creating a new cluster = UnboundLocalError: local variable 'e' referenced before assignment
• BZ - 227852 - Lack of debugging information in logs - support issue
• BZ - 229027 - luci failover domain forms are missing/empty
• BZ - 230447 - fence_xvm is incorrectly listed as "xmv" in virtual cluster
• BZ - 230452 - Advanced options parameters settings don't do anything
• BZ - 230454 - Unable to configure a virtual service
• BZ - 230457 - kmod-gfs-xen not installed with Conga install
• BZ - 230461 - 'enable shared storage' option cleared whenever there is a configuration error
• BZ - 230469 - Must manually edit cluster.conf on the dom0 cluster to add "<fence_xvmd/>"
• BZ - 238655 - conga does not set the "nodename" attribute for manual fencing
• BZ - 238726 - Conga provides no way to remove a dead node from a cluster
• BZ - 239327 - Online User Manual needs modification
• BZ - 239388 - conga storage: default VG creation should be clustered if a cluster node
• BZ - 239389 - conga cluster: make 'enable shared storage' the default
• BZ - 240034 - rpm verify fails on luci
• BZ - 240361 - Conga storage UI front-end is too slow rendering storage
• BZ - 241415 - Installation using Conga shows "error" in message during reboot cycle.
• BZ - 241418 - Conga tries to configurage cluster snaps, though they are not available.
• BZ - 241706 - Eliminate confusion in add fence flow
• BZ - 241727 - can't set user permissions in luci
• BZ - 242668 - luci init script can return non-LSB-compliant return codes
• BZ - 243701 - ricci init script can exit with non-LSB-compliant return codes
• BZ - 244146 - Add port number to message when ricci is not started/firewalled on cluster nodes.
• BZ - 244878 - Successful login results in an infinite redirection loop with MSIE
• BZ - 245202 - Conga needs to support Internet Explorer 6.0 and later
• BZ - 248317 - luci sets incorrect permissions on /usr/lib64/luci and /var/lib/luci
• BZ - 249066 - AttributeError when attempting to configure a fence device
• BZ - 249086 - Unable to add a new fence device to cluster
• BZ - 249091 - RFE: tell user they are about to kill all their nodes
• BZ - 249291 - delete node task fails to do all items listed in the help document
• BZ - 249641 - conga is unable to do storage operations if there is an lvm snapshot present
• BZ - 249868 - Use of failover domain not correctly shown
• BZ - 250443 - storage name warning utility produces a storm of warnings which can lock your browser
• BZ - 250834 - ZeroDivisionError when attempting to click an empty lvm volume group
• BZ - 253914 - conga doesn't allow you to reuse nfs export and nfs client resources
• BZ - 253994 - Cannot specify multicast address for a cluster
• BZ - 254038 - Impossible to set many valid quorum disk configurations via conga
• BZ - 336101 - CVE-2007-4136 ricci is vulnerable to a connect DoS attack

CVEs

• CVE-2007-4136

References

• http://www.redhat.com/security/updates/classification/#moderate