Issued:: 2025-09-02
Updated:: 2025-09-02

RHSA-2025:14999 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: resource-agents security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for resource-agents is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment.

Security Fix(es):

requests: Requests vulnerable to .netrc credentials leak via malicious URLs (CVE-2024-47081)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux High Availability for x86_64 8 x86_64
Red Hat Enterprise Linux High Availability for ARM 64 8 aarch64
Red Hat Enterprise Linux Resilient Storage for x86_64 8 x86_64
Red Hat Enterprise Linux Resilient Storage for IBM z Systems 8 s390x
Red Hat Enterprise Linux High Availability for IBM z Systems 8 s390x
Red Hat Enterprise Linux Resilient Storage for Power, little endian 8 ppc64le
Red Hat Enterprise Linux High Availability for Power, little endian 8 ppc64le
Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 8.10 aarch64
Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 8.10 ppc64le
Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 8.10 s390x
Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 8.10 x86_64
Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 8.10 ppc64le
Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 8.10 s390x
Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 8.10 x86_64

Fixes

BZ - 2371272 - CVE-2024-47081 requests: Requests vulnerable to .netrc credentials leak via malicious URLs

CVEs

CVE-2024-47081

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux High Availability for x86_64 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
x86_64
resource-agents-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 040ca13dd7123bf1e09d894f80f9b093632555c433427da1997db6208b05fe32
resource-agents-aliyun-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 2891c8398f48e5b8da48cb6ada3894695e58ee8c6d11b4811d2e2631f86e22d1
resource-agents-aliyun-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: be7ae7e3c9821239183be0c902bab93cec25bc5283cef3158b6cf94335b88b08
resource-agents-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: ba70e4bf30a87aae74908cd5ffe4ccb25b63d4e9c93cc5722de79798451307c2
resource-agents-debugsource-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: e02436096bda6ab6b8aad46656a0c4849b1ce303e02a8914197b223cad70778e
resource-agents-gcp-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 49726e4137d092ffd558915cd9afc1acf564b0eb2cd85a430ca266db212d1372
resource-agents-paf-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 51addbf02f12840ce9f25ccf5564294b6dec29e719bf9c4e4a9386a5ac30c181

Red Hat Enterprise Linux High Availability for ARM 64 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
aarch64
resource-agents-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: 6774c7c3ed1a7ab4fde0d03caa09f4e92650932b55f5c285b25a4180c5b50945
resource-agents-debuginfo-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: 8d018958fdadf7bf685f6df8be78e5b60bb36dd4094a6a102e792bf23ca69ccc
resource-agents-debugsource-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: 04077763dc2fafe3afdcd3e2296a478fe62043d2c3fe5a6606c60ec54bfdab32
resource-agents-paf-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: f61034dda2ecd220010c981d61fc0ca87a44b5dac80c600fade1eec4110894a6

Red Hat Enterprise Linux Resilient Storage for x86_64 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
x86_64
resource-agents-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 040ca13dd7123bf1e09d894f80f9b093632555c433427da1997db6208b05fe32
resource-agents-aliyun-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 2891c8398f48e5b8da48cb6ada3894695e58ee8c6d11b4811d2e2631f86e22d1
resource-agents-aliyun-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: be7ae7e3c9821239183be0c902bab93cec25bc5283cef3158b6cf94335b88b08
resource-agents-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: ba70e4bf30a87aae74908cd5ffe4ccb25b63d4e9c93cc5722de79798451307c2
resource-agents-debugsource-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: e02436096bda6ab6b8aad46656a0c4849b1ce303e02a8914197b223cad70778e
resource-agents-gcp-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 49726e4137d092ffd558915cd9afc1acf564b0eb2cd85a430ca266db212d1372
resource-agents-paf-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 51addbf02f12840ce9f25ccf5564294b6dec29e719bf9c4e4a9386a5ac30c181

Red Hat Enterprise Linux Resilient Storage for IBM z Systems 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
s390x
resource-agents-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 2448ab9d8df5370d9c030b6d8f05d55c1bd421794f5aa8fb1f6bf69cb41e8a83
resource-agents-debuginfo-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 30729b7b4be641a248fbb60d95eefa88f8d74967e1ed48d722aa505b2665d89b
resource-agents-debugsource-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: d0cdf5bfbf36506558911bfbb7018b490ead56c0aeb8412e012113b40e83b5b8
resource-agents-paf-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: e49fcddb5be8627c9adfe4713fcf2cbe5ad67381f03d321ed3684a503f2ba9b3

Red Hat Enterprise Linux High Availability for IBM z Systems 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
s390x
resource-agents-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 2448ab9d8df5370d9c030b6d8f05d55c1bd421794f5aa8fb1f6bf69cb41e8a83
resource-agents-debuginfo-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 30729b7b4be641a248fbb60d95eefa88f8d74967e1ed48d722aa505b2665d89b
resource-agents-debugsource-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: d0cdf5bfbf36506558911bfbb7018b490ead56c0aeb8412e012113b40e83b5b8
resource-agents-paf-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: e49fcddb5be8627c9adfe4713fcf2cbe5ad67381f03d321ed3684a503f2ba9b3

Red Hat Enterprise Linux Resilient Storage for Power, little endian 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
ppc64le
resource-agents-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: da881f0da1a79be6a8ddd8530e2e183f7398f5b41ee741805bc17cf6cff2aa79
resource-agents-debuginfo-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b1a1677ed51d4a68f5be662c061ab9aeda01095587ab4ddd07665686b2e56219
resource-agents-debugsource-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b8f1701823ecb5c3e3d76a5e3882f75eb96e323b1fb11e3b7a06b0fa653dddd9
resource-agents-paf-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b89f7fd170ec4fb9884c322716eeb9eb20fe6c61d4b51cba4cf0ce6a59e61a9c

Red Hat Enterprise Linux High Availability for Power, little endian 8

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
ppc64le
resource-agents-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: da881f0da1a79be6a8ddd8530e2e183f7398f5b41ee741805bc17cf6cff2aa79
resource-agents-debuginfo-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b1a1677ed51d4a68f5be662c061ab9aeda01095587ab4ddd07665686b2e56219
resource-agents-debugsource-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b8f1701823ecb5c3e3d76a5e3882f75eb96e323b1fb11e3b7a06b0fa653dddd9
resource-agents-paf-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b89f7fd170ec4fb9884c322716eeb9eb20fe6c61d4b51cba4cf0ce6a59e61a9c

Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
aarch64
resource-agents-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: 6774c7c3ed1a7ab4fde0d03caa09f4e92650932b55f5c285b25a4180c5b50945
resource-agents-debuginfo-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: 8d018958fdadf7bf685f6df8be78e5b60bb36dd4094a6a102e792bf23ca69ccc
resource-agents-debugsource-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: 04077763dc2fafe3afdcd3e2296a478fe62043d2c3fe5a6606c60ec54bfdab32
resource-agents-paf-4.9.0-54.el8_10.16.aarch64.rpm	SHA-256: f61034dda2ecd220010c981d61fc0ca87a44b5dac80c600fade1eec4110894a6

Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
ppc64le
resource-agents-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: da881f0da1a79be6a8ddd8530e2e183f7398f5b41ee741805bc17cf6cff2aa79
resource-agents-debuginfo-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b1a1677ed51d4a68f5be662c061ab9aeda01095587ab4ddd07665686b2e56219
resource-agents-debugsource-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b8f1701823ecb5c3e3d76a5e3882f75eb96e323b1fb11e3b7a06b0fa653dddd9
resource-agents-paf-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b89f7fd170ec4fb9884c322716eeb9eb20fe6c61d4b51cba4cf0ce6a59e61a9c

Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
s390x
resource-agents-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 2448ab9d8df5370d9c030b6d8f05d55c1bd421794f5aa8fb1f6bf69cb41e8a83
resource-agents-debuginfo-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 30729b7b4be641a248fbb60d95eefa88f8d74967e1ed48d722aa505b2665d89b
resource-agents-debugsource-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: d0cdf5bfbf36506558911bfbb7018b490ead56c0aeb8412e012113b40e83b5b8
resource-agents-paf-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: e49fcddb5be8627c9adfe4713fcf2cbe5ad67381f03d321ed3684a503f2ba9b3

Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
x86_64
resource-agents-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 040ca13dd7123bf1e09d894f80f9b093632555c433427da1997db6208b05fe32
resource-agents-aliyun-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 2891c8398f48e5b8da48cb6ada3894695e58ee8c6d11b4811d2e2631f86e22d1
resource-agents-aliyun-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: be7ae7e3c9821239183be0c902bab93cec25bc5283cef3158b6cf94335b88b08
resource-agents-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: ba70e4bf30a87aae74908cd5ffe4ccb25b63d4e9c93cc5722de79798451307c2
resource-agents-debugsource-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: e02436096bda6ab6b8aad46656a0c4849b1ce303e02a8914197b223cad70778e
resource-agents-gcp-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 49726e4137d092ffd558915cd9afc1acf564b0eb2cd85a430ca266db212d1372
resource-agents-paf-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 51addbf02f12840ce9f25ccf5564294b6dec29e719bf9c4e4a9386a5ac30c181

Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
ppc64le
resource-agents-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: da881f0da1a79be6a8ddd8530e2e183f7398f5b41ee741805bc17cf6cff2aa79
resource-agents-debuginfo-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b1a1677ed51d4a68f5be662c061ab9aeda01095587ab4ddd07665686b2e56219
resource-agents-debugsource-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b8f1701823ecb5c3e3d76a5e3882f75eb96e323b1fb11e3b7a06b0fa653dddd9
resource-agents-paf-4.9.0-54.el8_10.16.ppc64le.rpm	SHA-256: b89f7fd170ec4fb9884c322716eeb9eb20fe6c61d4b51cba4cf0ce6a59e61a9c

Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
s390x
resource-agents-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 2448ab9d8df5370d9c030b6d8f05d55c1bd421794f5aa8fb1f6bf69cb41e8a83
resource-agents-debuginfo-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: 30729b7b4be641a248fbb60d95eefa88f8d74967e1ed48d722aa505b2665d89b
resource-agents-debugsource-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: d0cdf5bfbf36506558911bfbb7018b490ead56c0aeb8412e012113b40e83b5b8
resource-agents-paf-4.9.0-54.el8_10.16.s390x.rpm	SHA-256: e49fcddb5be8627c9adfe4713fcf2cbe5ad67381f03d321ed3684a503f2ba9b3

Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 8.10

SRPM
resource-agents-4.9.0-54.el8_10.16.src.rpm	SHA-256: 0e756b9df4e07d6f30fc12328d1d917340cd27bd95737c213330eb94b8242f5a
x86_64
resource-agents-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 040ca13dd7123bf1e09d894f80f9b093632555c433427da1997db6208b05fe32
resource-agents-aliyun-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 2891c8398f48e5b8da48cb6ada3894695e58ee8c6d11b4811d2e2631f86e22d1
resource-agents-aliyun-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: be7ae7e3c9821239183be0c902bab93cec25bc5283cef3158b6cf94335b88b08
resource-agents-debuginfo-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: ba70e4bf30a87aae74908cd5ffe4ccb25b63d4e9c93cc5722de79798451307c2
resource-agents-debugsource-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: e02436096bda6ab6b8aad46656a0c4849b1ce303e02a8914197b223cad70778e
resource-agents-gcp-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 49726e4137d092ffd558915cd9afc1acf564b0eb2cd85a430ca266db212d1372
resource-agents-paf-4.9.0-54.el8_10.16.x86_64.rpm	SHA-256: 51addbf02f12840ce9f25ccf5564294b6dec29e719bf9c4e4a9386a5ac30c181

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation