Publié :: 2025-03-10
Mis à jour :: 2025-03-10

RHSA-2025:2470 - Security Advisory

Aperçu général
Paquets mis à jour

Synopsis

Important: pcs security update

Type / Sévérité

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identifiez et remédiez aux systèmes concernés par cette alerte.

Voir les systèmes concernés

Sujet

An update for pcs is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Produits concernés

Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.4 s390x
Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.4 x86_64
Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.4 ppc64le
Red Hat Enterprise Linux Resilient Storage for IBM z Systems - 4 years of updates 9.4 s390x

Correctifs

BZ - 2328045 - CVE-2024-52804 python-tornado: Tornado has HTTP cookie parsing DoS vulnerability

CVE

CVE-2024-52804

Références

https://access.redhat.com/security/updates/classification/#important

Remarque: Il existe peut-être des versions plus récentes de ces paquets. Cliquer sur un nom de paquet pour obtenir plus de détails.

Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
x86_64
pcs-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: bbc46d78b07ede1b089eabcb6c4fe5f5bab0d155ec8fffd97789471dc890dd94
pcs-snmp-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: 1708536f554c096092dc1f99999fe11ef9631896ad7dfcb1d49c3e87196f77bc

Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
x86_64
pcs-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: bbc46d78b07ede1b089eabcb6c4fe5f5bab0d155ec8fffd97789471dc890dd94
pcs-snmp-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: 1708536f554c096092dc1f99999fe11ef9631896ad7dfcb1d49c3e87196f77bc

Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
ppc64le
pcs-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 528b96d2ea52717846727fbd1b0536236fc22a8df3e03d5aa3cd1836bf7c49b9
pcs-snmp-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 87c796257c070b62bee23218fa2369235859dbc67028a7aa6e4a55c1cf8f21f9

Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
ppc64le
pcs-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 528b96d2ea52717846727fbd1b0536236fc22a8df3e03d5aa3cd1836bf7c49b9
pcs-snmp-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 87c796257c070b62bee23218fa2369235859dbc67028a7aa6e4a55c1cf8f21f9

Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
ppc64le
pcs-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 528b96d2ea52717846727fbd1b0536236fc22a8df3e03d5aa3cd1836bf7c49b9
pcs-snmp-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 87c796257c070b62bee23218fa2369235859dbc67028a7aa6e4a55c1cf8f21f9

Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
x86_64
pcs-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: bbc46d78b07ede1b089eabcb6c4fe5f5bab0d155ec8fffd97789471dc890dd94
pcs-snmp-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: 1708536f554c096092dc1f99999fe11ef9631896ad7dfcb1d49c3e87196f77bc

Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
s390x
pcs-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: 0326ae22d0641c2dfd0b9d5ba25dc92d7da397fd71666edf290baee0c2920ad6
pcs-snmp-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: a9a3bd259525591a2221bd8ce663a4501bdc97a60ecef5f970060f0be7055b45

Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
aarch64
pcs-0.11.7-2.el9_4.3.aarch64.rpm	SHA-256: 695b78b164ba577deab6a5463f20bfe0e2d8d872524dd53e6e664f37a6bc5d50
pcs-snmp-0.11.7-2.el9_4.3.aarch64.rpm	SHA-256: ce34a147602fbb0e572fad9fe8747c55eb5fe17531d6ceb61ece88b8c447f50b

Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Update Support 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
s390x
pcs-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: 0326ae22d0641c2dfd0b9d5ba25dc92d7da397fd71666edf290baee0c2920ad6
pcs-snmp-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: a9a3bd259525591a2221bd8ce663a4501bdc97a60ecef5f970060f0be7055b45

Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
aarch64
pcs-0.11.7-2.el9_4.3.aarch64.rpm	SHA-256: 695b78b164ba577deab6a5463f20bfe0e2d8d872524dd53e6e664f37a6bc5d50
pcs-snmp-0.11.7-2.el9_4.3.aarch64.rpm	SHA-256: ce34a147602fbb0e572fad9fe8747c55eb5fe17531d6ceb61ece88b8c447f50b

Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
s390x
pcs-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: 0326ae22d0641c2dfd0b9d5ba25dc92d7da397fd71666edf290baee0c2920ad6
pcs-snmp-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: a9a3bd259525591a2221bd8ce663a4501bdc97a60ecef5f970060f0be7055b45

Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
x86_64
pcs-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: bbc46d78b07ede1b089eabcb6c4fe5f5bab0d155ec8fffd97789471dc890dd94
pcs-snmp-0.11.7-2.el9_4.3.x86_64.rpm	SHA-256: 1708536f554c096092dc1f99999fe11ef9631896ad7dfcb1d49c3e87196f77bc

Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
ppc64le
pcs-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 528b96d2ea52717846727fbd1b0536236fc22a8df3e03d5aa3cd1836bf7c49b9
pcs-snmp-0.11.7-2.el9_4.3.ppc64le.rpm	SHA-256: 87c796257c070b62bee23218fa2369235859dbc67028a7aa6e4a55c1cf8f21f9

Red Hat Enterprise Linux Resilient Storage for IBM z Systems - 4 years of updates 9.4

SRPM
pcs-0.11.7-2.el9_4.3.src.rpm	SHA-256: c0e3f045fe8356135cb674753d1bfb8599306b228138eae0d96ceb4485d0bdce
s390x
pcs-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: 0326ae22d0641c2dfd0b9d5ba25dc92d7da397fd71666edf290baee0c2920ad6
pcs-snmp-0.11.7-2.el9_4.3.s390x.rpm	SHA-256: a9a3bd259525591a2221bd8ce663a4501bdc97a60ecef5f970060f0be7055b45

Le contact Red Hat Security est secalert@redhat.com. Plus d'infos contact à https://access.redhat.com/security/team/contact/.

Sélectionnez la langue

Infrastructure et gestion

Informatique Cloud

Stockage

Runtimes

Intégration et automatisation