What is the severity of RHSA-2020:5453?

The severity of RHSA-2020:5453 is classified as moderate.

What does the RHSA-2020:5453 vulnerability affect?

The RHSA-2020:5453 vulnerability affects the Pacemaker cluster resource manager and related packages.

How do I fix RHSA-2020:5453?

To fix RHSA-2020:5453, update the affected packages to version 1.1.23-1.el7_9.1 or later.

What is CVE-2020-25654 related to RHSA-2020:5453?

CVE-2020-25654 is an access control list (ACL) restrictions bypass vulnerability addressed by the RHSA-2020:5453 advisory.

Is RHSA-2020:5453 applicable to multiple architectures?

Yes, RHSA-2020:5453 is applicable to multiple architectures including x86_64 and ppc64le.

Vulnerability/
RHSA-2020:5453

15/12/2020

RHSA-2020:5453: Moderate: pacemaker security update

First published: Tue Dec 15 2020(Updated: )

The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. <br>Security Fix(es):<br><li> pacemaker: ACL restrictions bypass (CVE-2020-25654)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/pacemaker	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-cli	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-cluster-libs	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-cluster-libs	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-debuginfo	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-debuginfo	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-doc	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-libs	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-libs	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-libs-devel	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-libs-devel	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-nagios-plugins-metadata	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-remote	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-cli	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-doc	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-nagios-plugins-metadata	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-remote	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-cli	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-cluster-libs	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-debuginfo	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-doc	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-libs	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-libs-devel	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-nagios-plugins-metadata	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1
redhat/pacemaker-remote	<1.1.23-1.el7_9.1	1.1.23-1.el7_9.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:5453?
The severity of RHSA-2020:5453 is classified as moderate.
What does the RHSA-2020:5453 vulnerability affect?
The RHSA-2020:5453 vulnerability affects the Pacemaker cluster resource manager and related packages.
How do I fix RHSA-2020:5453?
To fix RHSA-2020:5453, update the affected packages to version 1.1.23-1.el7_9.1 or later.
What is CVE-2020-25654 related to RHSA-2020:5453?
CVE-2020-25654 is an access control list (ACL) restrictions bypass vulnerability addressed by the RHSA-2020:5453 advisory.
Is RHSA-2020:5453 applicable to multiple architectures?
Yes, RHSA-2020:5453 is applicable to multiple architectures including x86_64 and ppc64le.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2020:5453
agent/software-canonical-lookup
package-manager/redhat

Frequently Asked Questions

What is the severity of RHSA-2020:5453?
The severity of RHSA-2020:5453 is classified as moderate.
What does the RHSA-2020:5453 vulnerability affect?
The RHSA-2020:5453 vulnerability affects the Pacemaker cluster resource manager and related packages.
How do I fix RHSA-2020:5453?
To fix RHSA-2020:5453, update the affected packages to version 1.1.23-1.el7_9.1 or later.
What is CVE-2020-25654 related to RHSA-2020:5453?
CVE-2020-25654 is an access control list (ACL) restrictions bypass vulnerability addressed by the RHSA-2020:5453 advisory.
Is RHSA-2020:5453 applicable to multiple architectures?
Yes, RHSA-2020:5453 is applicable to multiple architectures including x86_64 and ppc64le.

RHSA-2020:5453: Moderate: pacemaker security update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:5453?

What does the RHSA-2020:5453 vulnerability affect?

How do I fix RHSA-2020:5453?

What is CVE-2020-25654 related to RHSA-2020:5453?

Is RHSA-2020:5453 applicable to multiple architectures?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2020:5453?

What does the RHSA-2020:5453 vulnerability affect?

How do I fix RHSA-2020:5453?

What is CVE-2020-25654 related to RHSA-2020:5453?

Is RHSA-2020:5453 applicable to multiple architectures?