- Issued:
- 2020-11-10
- Updated:
- 2020-11-10
RHSA-2020:5004 - Security Advisory
Synopsis
Low: resource-agents security and bug fix update
Type/Severity
Security Advisory: Low
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for resource-agents is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment.
Security Fix(es):
- python-httplib2: CRLF injection via an attacker controlled unescaped part of uri for httplib2.Http.request function (CVE-2020-11078)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- gcp-vpc-move-vip: An existing alias IP range is removed when a second alias IP range is added (BZ#1846732)
- sybaseASE: Resource fails to complete a probe operation without access to $sybase_home [RHEL 7] (BZ#1848673)
- azure-lb: Resource fails intermittently due to nc output redirection to pidfile (BZ#1850779)
- azure-events: handle exceptions in urlopen (RHEL7) (BZ#1862121)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux Resilient Storage for x86_64 7 x86_64
- Red Hat Enterprise Linux for SAP Applications for x86_64 7 x86_64
- Red Hat Enterprise Linux for SAP HANA for x86_64 7 x86_64
- Red Hat Enterprise Linux High Availability for x86_64 7 x86_64
- Red Hat Enterprise Linux Resilient Storage for IBM z Systems 7 s390x
- Red Hat Enterprise Linux High Availability for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for SAP Applications for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux for SAP HANA for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux Resilient Storage for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux High Availability for Power, little endian 7 ppc64le
Fixes
- BZ - 1845937 - CVE-2020-11078 python-httplib2: CRLF injection via an attacker controlled unescaped part of uri for httplib2.Http.request function
- BZ - 1848673 - sybaseASE: Resource fails to complete a probe operation without access to $sybase_home [RHEL 7]
- BZ - 1862121 - azure-events: handle exceptions in urlopen (RHEL7)
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Resilient Storage for x86_64 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| x86_64 | |
| resource-agents-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: e4c65a7a612889ff8d7df7e126acc3de032b24141bb41f38487e245fc12ff5d3 |
| resource-agents-aliyun-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: b6b541fd66f83738bd5556bc4c2ae60d98898294dac2d15c62f577afec6680e9 |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: bc0b203e39b8d5d187c0c8cdbff75de7b99fe070c19381bbc97ce1a0dc7a577d |
| resource-agents-gcp-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: 42d361604d8f9c23be804bf1c2b72f411e10434549e0e16d661d5b3643b20616 |
Red Hat Enterprise Linux for SAP Applications for x86_64 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| x86_64 | |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: bc0b203e39b8d5d187c0c8cdbff75de7b99fe070c19381bbc97ce1a0dc7a577d |
| resource-agents-sap-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: 7f7b34e011174ab0efe261f37173d0d3611e2058d60df8d0e501489b821c729f |
| sap-cluster-connector-3.0.1-37.el7_9.4.x86_64.rpm | SHA-256: edb24051077061bca96f66a46986bd64032468ae4296dcdce36c09ffa7e296f3 |
Red Hat Enterprise Linux for SAP HANA for x86_64 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| x86_64 | |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: bc0b203e39b8d5d187c0c8cdbff75de7b99fe070c19381bbc97ce1a0dc7a577d |
| resource-agents-sap-hana-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: b48a4987d835e604232d3683eb5eb0e9540721b94ba06e42c0e628cfbf153c88 |
| resource-agents-sap-hana-scaleout-0.164.0-6.el7_9.4.x86_64.rpm | SHA-256: 5e5f2e44c9124912e52937711ed9c29c57e11c61e5379a29a33970087a20300d |
Red Hat Enterprise Linux High Availability for x86_64 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| x86_64 | |
| resource-agents-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: e4c65a7a612889ff8d7df7e126acc3de032b24141bb41f38487e245fc12ff5d3 |
| resource-agents-aliyun-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: b6b541fd66f83738bd5556bc4c2ae60d98898294dac2d15c62f577afec6680e9 |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: bc0b203e39b8d5d187c0c8cdbff75de7b99fe070c19381bbc97ce1a0dc7a577d |
| resource-agents-gcp-4.1.1-61.el7_9.4.x86_64.rpm | SHA-256: 42d361604d8f9c23be804bf1c2b72f411e10434549e0e16d661d5b3643b20616 |
Red Hat Enterprise Linux Resilient Storage for IBM z Systems 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| s390x | |
| resource-agents-4.1.1-61.el7_9.4.s390x.rpm | SHA-256: abe8a456d7f5a7facd588133e5e73da6d64780a238ebd0922d852499d55fa8f1 |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.s390x.rpm | SHA-256: 45af133da97304fc60f425929c623104a1447ab25a3fc69c2095033416ed8cf3 |
Red Hat Enterprise Linux High Availability for IBM z Systems 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| s390x | |
| resource-agents-4.1.1-61.el7_9.4.s390x.rpm | SHA-256: abe8a456d7f5a7facd588133e5e73da6d64780a238ebd0922d852499d55fa8f1 |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.s390x.rpm | SHA-256: 45af133da97304fc60f425929c623104a1447ab25a3fc69c2095033416ed8cf3 |
Red Hat Enterprise Linux for SAP Applications for Power, little endian 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| ppc64le | |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: e49793585e2c0990c987fe468aac38794ce36f57ee69c0df541af5514442ef15 |
| resource-agents-sap-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: 778cc668dd360af911a9ba4a7ce89beabc69ef6063c3e4f8f81874bdb14cfe94 |
| sap-cluster-connector-3.0.1-37.el7_9.4.ppc64le.rpm | SHA-256: aeba8316da935ffcd52e4e11a5b12c07abb0b81f1705e1e390d8515f6c653299 |
Red Hat Enterprise Linux for SAP HANA for Power, little endian 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| ppc64le | |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: e49793585e2c0990c987fe468aac38794ce36f57ee69c0df541af5514442ef15 |
| resource-agents-sap-hana-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: 2be2f79ab5f86bb6a9d768ee1ce33f44b923c957e09fc6238d73656afe545d96 |
| resource-agents-sap-hana-scaleout-0.164.0-6.el7_9.4.ppc64le.rpm | SHA-256: 8a6d554cef843ba9d3ddaa7c46ca076e849a21ee9d0c838ec404626ccbedae82 |
Red Hat Enterprise Linux Resilient Storage for Power, little endian 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| ppc64le | |
| resource-agents-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: 2aa5beb0accb80bcecf774b639319e84a213009a744a07564daded4387519d3a |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: e49793585e2c0990c987fe468aac38794ce36f57ee69c0df541af5514442ef15 |
Red Hat Enterprise Linux High Availability for Power, little endian 7
| SRPM | |
|---|---|
| resource-agents-4.1.1-61.el7_9.4.src.rpm | SHA-256: c215e8acd0c97a5518dc74035b9a8ce37a99d39263f18fe1bd4622903e6345b5 |
| ppc64le | |
| resource-agents-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: 2aa5beb0accb80bcecf774b639319e84a213009a744a07564daded4387519d3a |
| resource-agents-debuginfo-4.1.1-61.el7_9.4.ppc64le.rpm | SHA-256: e49793585e2c0990c987fe468aac38794ce36f57ee69c0df541af5514442ef15 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.