Issued:: 2025-05-29
Updated:: 2025-05-29

RHSA-2025:8319 - Security Advisory

Overview
Updated Packages

Synopsis

Important: pcs security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pcs is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux High Availability for x86_64 10 x86_64
Red Hat Enterprise Linux High Availability for ARM 64 10 aarch64
Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux High Availability for IBM z Systems 10 s390x
Red Hat Enterprise Linux High Availability for Power, little endian 10 ppc64le
Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux High Availability for Power, little endian - 4 years of updates 10.0 ppc64le
Red Hat Enterprise Linux High Availability for x86_64 - 4 years of updates 10.0 x86_64

Fixes

BZ - 2364966 - CVE-2025-46727 rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser

CVEs

CVE-2025-46727

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux High Availability for x86_64 10

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
x86_64
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.x86_64.rpm	SHA-256: 70fcf9d81af0d7c725b0fc6255fb8067b34e41d3cdaa44f5bb41ad9f297b5f9a
pcs-snmp-0.12.0-3.el10_0.2.x86_64.rpm	SHA-256: b29ee5c7f53a5e9fcbbd9dd306652b87ad2afc3de9108411e8dc6dde0bd06488

Red Hat Enterprise Linux High Availability for ARM 64 10

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
aarch64
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.aarch64.rpm	SHA-256: 688c8f5d1aacc32ee2f41a6375af61fd676c17fe4f17d30e0f6e519a2b49906d
pcs-snmp-0.12.0-3.el10_0.2.aarch64.rpm	SHA-256: c69dcc7770a56c8fd3ec76aade19a43ab759104bf02a09788a58b54ee8093bdf

Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
x86_64
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.x86_64.rpm	SHA-256: 70fcf9d81af0d7c725b0fc6255fb8067b34e41d3cdaa44f5bb41ad9f297b5f9a
pcs-snmp-0.12.0-3.el10_0.2.x86_64.rpm	SHA-256: b29ee5c7f53a5e9fcbbd9dd306652b87ad2afc3de9108411e8dc6dde0bd06488

Red Hat Enterprise Linux High Availability for IBM z Systems 10

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
s390x
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.s390x.rpm	SHA-256: fd2a3ce8f380dbd582e9cb77b62323fb6742a6c93080f75236d61db0e0acf4b1
pcs-snmp-0.12.0-3.el10_0.2.s390x.rpm	SHA-256: 67065efec7423ff0dca65f1fcac53f50681382b8225fbc0bd829934e36b7a6e9

Red Hat Enterprise Linux High Availability for Power, little endian 10

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
ppc64le
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.ppc64le.rpm	SHA-256: 25cfe0bcafb2a5378e18d12f20d992377511e664832b21495dd365e39830400f
pcs-snmp-0.12.0-3.el10_0.2.ppc64le.rpm	SHA-256: 4b302894011eacb5b519023ec3ca5acccb5037cd3c7d3e0c9b55a2f0312748d1

Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
ppc64le
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.ppc64le.rpm	SHA-256: 25cfe0bcafb2a5378e18d12f20d992377511e664832b21495dd365e39830400f
pcs-snmp-0.12.0-3.el10_0.2.ppc64le.rpm	SHA-256: 4b302894011eacb5b519023ec3ca5acccb5037cd3c7d3e0c9b55a2f0312748d1

Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
s390x
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.s390x.rpm	SHA-256: fd2a3ce8f380dbd582e9cb77b62323fb6742a6c93080f75236d61db0e0acf4b1
pcs-snmp-0.12.0-3.el10_0.2.s390x.rpm	SHA-256: 67065efec7423ff0dca65f1fcac53f50681382b8225fbc0bd829934e36b7a6e9

Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
aarch64
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.aarch64.rpm	SHA-256: 688c8f5d1aacc32ee2f41a6375af61fd676c17fe4f17d30e0f6e519a2b49906d
pcs-snmp-0.12.0-3.el10_0.2.aarch64.rpm	SHA-256: c69dcc7770a56c8fd3ec76aade19a43ab759104bf02a09788a58b54ee8093bdf

Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
aarch64
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.aarch64.rpm	SHA-256: 688c8f5d1aacc32ee2f41a6375af61fd676c17fe4f17d30e0f6e519a2b49906d
pcs-snmp-0.12.0-3.el10_0.2.aarch64.rpm	SHA-256: c69dcc7770a56c8fd3ec76aade19a43ab759104bf02a09788a58b54ee8093bdf

Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
s390x
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.s390x.rpm	SHA-256: fd2a3ce8f380dbd582e9cb77b62323fb6742a6c93080f75236d61db0e0acf4b1
pcs-snmp-0.12.0-3.el10_0.2.s390x.rpm	SHA-256: 67065efec7423ff0dca65f1fcac53f50681382b8225fbc0bd829934e36b7a6e9

Red Hat Enterprise Linux High Availability for Power, little endian - 4 years of updates 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
ppc64le
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.ppc64le.rpm	SHA-256: 25cfe0bcafb2a5378e18d12f20d992377511e664832b21495dd365e39830400f
pcs-snmp-0.12.0-3.el10_0.2.ppc64le.rpm	SHA-256: 4b302894011eacb5b519023ec3ca5acccb5037cd3c7d3e0c9b55a2f0312748d1

Red Hat Enterprise Linux High Availability for x86_64 - 4 years of updates 10.0

SRPM
pcs-0.12.0-3.el10_0.2.src.rpm	SHA-256: 84f6bd8c89cc02a19516db371d1188ca7c17617e761ec50ea219d84ce7f5bb54
x86_64
cockpit-ha-cluster-0.12.0-3.el10_0.2.noarch.rpm	SHA-256: 2dce5fac167c970a03c511e40283c568f3173bf4bbf0d35a417a804aab57ae20
pcs-0.12.0-3.el10_0.2.x86_64.rpm	SHA-256: 70fcf9d81af0d7c725b0fc6255fb8067b34e41d3cdaa44f5bb41ad9f297b5f9a
pcs-snmp-0.12.0-3.el10_0.2.x86_64.rpm	SHA-256: b29ee5c7f53a5e9fcbbd9dd306652b87ad2afc3de9108411e8dc6dde0bd06488

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation