Synopsis
Important: pcs security update
Type/Severity
Security Advisory: Important
Topic
An update for pcs is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
- pcs: Privilege escalation via authorized user malicious REST call (CVE-2018-1079)
- pcs: Debug parameter removal bypass, allowing information disclosure (CVE-2018-1086)
- rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
The CVE-2018-1079 issue was discovered by Ondrej Mular (Red Hat) and the CVE-2018-1086 issue was discovered by Cedric Buissart (Red Hat).
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Enterprise Linux High Availability for x86_64 7 x86_64
- Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 7.7 x86_64
- Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 7.6 x86_64
- Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 7.5 x86_64
- Red Hat Enterprise Linux Resilient Storage for x86_64 7 x86_64
- Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 7.7 x86_64
- Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 7.6 x86_64
- Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 7.5 x86_64
- Red Hat Enterprise Linux Resilient Storage for IBM z Systems 7 s390x
- Red Hat Enterprise Linux High Availability for IBM z Systems 7 s390x
- Red Hat Enterprise Linux Resilient Storage for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 7.7 ppc64le
- Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 7.6 ppc64le
- Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 7.5 ppc64le
- Red Hat Enterprise Linux High Availability for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 7.7 ppc64le
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 7.6 ppc64le
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 7.5 ppc64le
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
- Red Hat Enterprise Linux High Availability - Update Services for SAP Solutions 7.7 x86_64
- Red Hat Enterprise Linux High Availability - Update Services for SAP Solutions 7.6 x86_64
Fixes
- BZ - 1534027 - CVE-2018-1000119 rack-protection: Timing attack in authenticity_token.rb
- BZ - 1550243 - CVE-2018-1079 pcs: Privilege escalation via authorized user malicious REST call
- BZ - 1557366 - CVE-2018-1086 pcs: Debug parameter removal bypass, allowing information disclosure
CVEs
References
Note: More recent versions of these packages may be available.
- Red Hat Enterprise Linux High Availability for x86_64 7
- Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 7.7
- Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 7.6
- Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 7.5
- Red Hat Enterprise Linux Resilient Storage for x86_64 7
- Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 7.7
- Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 7.6
- Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 7.5
SRPM | pcs-0.9.162-5.el7_5.1.src.rpm | SHA-256: 0090721156cb420b67ccd48232fb7677f70f7c3fe92e479b71ad4c8930a5b316
x86_64 | pcs-0.9.162-5.el7_5.1.x86_64.rpm | SHA-256: 1555f9e0fda290e982c7623561a62842dfc6a402c9e276204a7771647d6cc327
x86_64 | pcs-debuginfo-0.9.162-5.el7_5.1.x86_64.rpm | SHA-256: 4a9fc7ac430b85b57ce4eeafb70075349383d5cb4caba64c409b2e958c2a6856
x86_64 | pcs-snmp-0.9.162-5.el7_5.1.x86_64.rpm | SHA-256: e14d06f4f285d81ed227fe7ee8d1beb606612ead212a0057d5d75c013df3463a
- Red Hat Enterprise Linux Resilient Storage for IBM z Systems 7
- Red Hat Enterprise Linux High Availability for IBM z Systems 7
SRPM | pcs-0.9.162-5.el7_5.1.src.rpm | SHA-256: 0090721156cb420b67ccd48232fb7677f70f7c3fe92e479b71ad4c8930a5b316
s390x | pcs-0.9.162-5.el7_5.1.s390x.rpm | SHA-256: 49e133b6ae0f282e744e3aff32f65a5bd143998eb98aa5a6620b1c640fb3d6d2
s390x | pcs-debuginfo-0.9.162-5.el7_5.1.s390x.rpm | SHA-256: 35ddd4697f780d7fc237368f5164ad70270a84591f4f8cd8646f4b96ad217ae5
s390x | pcs-snmp-0.9.162-5.el7_5.1.s390x.rpm | SHA-256: c572bff4b40cff092c184af45191f96a7dc7e9d58d77ab5612919aa8a1692338
- Red Hat Enterprise Linux Resilient Storage for Power, little endian 7
- Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 7.7
- Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 7.6
- Red Hat Enterprise Linux Resilient Storage for IBM Power LE - Extended Update Support 7.5
- Red Hat Enterprise Linux High Availability for Power, little endian 7
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 7.7
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 7.6
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Extended Update Support 7.5
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Update Services for SAP Solutions 7.7
- Red Hat Enterprise Linux High Availability (for IBM Power LE) - Update Services for SAP Solutions 7.6
SRPM | pcs-0.9.162-5.el7_5.1.src.rpm | SHA-256: 0090721156cb420b67ccd48232fb7677f70f7c3fe92e479b71ad4c8930a5b316
ppc64le | pcs-0.9.162-5.el7_5.1.ppc64le.rpm | SHA-256: 95fdaeecc7526e7639a684a7edf5c586e55ff379da1d1cac41d877c52abd401c
ppc64le | pcs-debuginfo-0.9.162-5.el7_5.1.ppc64le.rpm | SHA-256: d55b9609a93f5d863949900631d9d5a499473acb386d523650836abbc63ee171
ppc64le | pcs-snmp-0.9.162-5.el7_5.1.ppc64le.rpm | SHA-256: 659356ff474f2b4445c7b30efeedfa029643d0eb8a377bb2fea5662780239542
- Red Hat Enterprise Linux High Availability - Update Services for SAP Solutions 7.7
- Red Hat Enterprise Linux High Availability - Update Services for SAP Solutions 7.6
SRPM | pcs-0.9.162-5.el7_5.1.src.rpm | SHA-256: 0090721156cb420b67ccd48232fb7677f70f7c3fe92e479b71ad4c8930a5b316
x86_64 | pcs-0.9.162-5.el7_5.1.x86_64.rpm | SHA-256: 1555f9e0fda290e982c7623561a62842dfc6a402c9e276204a7771647d6cc327
x86_64 | pcs-debuginfo-0.9.162-5.el7_5.1.x86_64.rpm | SHA-256: 4a9fc7ac430b85b57ce4eeafb70075349383d5cb4caba64c409b2e958c2a6856
x86_64 | pcs-snmp-0.9.162-5.el7_5.1.x86_64.rpm | SHA-256: e14d06f4f285d81ed227fe7ee8d1beb606612ead212a0057d5d75c013df3463a