CVE-2019-3885 - A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in

CVE-2019-3885

Summary

A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.

References

Vulnerable Configurations

cpe:2.3:a:clusterlabs:pacemaker:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc6:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc6:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc7:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc7:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.16:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.16:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.19:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.19:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.19:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.19:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.21:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.21:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.21:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:1.1.21:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc6:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc6:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:-:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc2:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc3:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc4:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc5:*:*:*:*:*:*
cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc5:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 29-09-2023 - 11:15)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

bugzilla

id	1694554
title	CVE-2019-3885 pacemaker: Information disclosure through use-after-free

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment pacemaker is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278001
comment pacemaker is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635002

AND

comment pacemaker-cli is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278003
comment pacemaker-cli is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635004

AND

comment pacemaker-cluster-libs is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278005
comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635006

AND

comment pacemaker-cts is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278007
comment pacemaker-cts is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635008

AND

comment pacemaker-doc is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278009
comment pacemaker-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635010

AND

comment pacemaker-libs is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278011
comment pacemaker-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635012

AND

comment pacemaker-libs-devel is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278013
comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635014

AND

comment pacemaker-nagios-plugins-metadata is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278015
comment pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152383016

AND

comment pacemaker-remote is earlier than 0:1.1.19-8.el7_6.5
oval oval:com.redhat.rhsa:tst:20191278017
comment pacemaker-remote is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635016

rhsa

id	RHSA-2019:1278
released	2019-05-27
severity	Important
title	RHSA-2019:1278: pacemaker security update (Important)

bugzilla

id	1695247
title	Interrupted live migration will get full start rather than completed migration [RHEL-8.0.0.z]

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074

AND
comment pacemaker is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279001
comment pacemaker is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635002

AND

comment pacemaker-cli is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279003
comment pacemaker-cli is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635004

AND

comment pacemaker-cluster-libs is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279005
comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635006

AND

comment pacemaker-cts is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279007
comment pacemaker-cts is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635008

AND

comment pacemaker-debugsource is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279009
comment pacemaker-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20191279010

AND

comment pacemaker-doc is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279011
comment pacemaker-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635010

AND

comment pacemaker-libs is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279013
comment pacemaker-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635012

AND

comment pacemaker-libs-devel is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279015
comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635014

AND

comment pacemaker-nagios-plugins-metadata is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279017
comment pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20152383016

AND

comment pacemaker-remote is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279019
comment pacemaker-remote is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131635016

AND

comment pacemaker-schemas is earlier than 0:2.0.1-4.el8_0.3
oval oval:com.redhat.rhsa:tst:20191279021
comment pacemaker-schemas is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20191279022

rhsa

id	RHSA-2019:1279
released	2019-05-27
severity	Important
title	RHSA-2019:1279: pacemaker security and bug fix update (Important)

rpms

pacemaker-0:1.1.19-8.el7_6.5
pacemaker-cli-0:1.1.19-8.el7_6.5
pacemaker-cluster-libs-0:1.1.19-8.el7_6.5
pacemaker-cts-0:1.1.19-8.el7_6.5
pacemaker-debuginfo-0:1.1.19-8.el7_6.5
pacemaker-doc-0:1.1.19-8.el7_6.5
pacemaker-libs-0:1.1.19-8.el7_6.5
pacemaker-libs-devel-0:1.1.19-8.el7_6.5
pacemaker-nagios-plugins-metadata-0:1.1.19-8.el7_6.5
pacemaker-remote-0:1.1.19-8.el7_6.5
pacemaker-0:2.0.1-4.el8_0.3
pacemaker-cli-0:2.0.1-4.el8_0.3
pacemaker-cli-debuginfo-0:2.0.1-4.el8_0.3
pacemaker-cluster-libs-0:2.0.1-4.el8_0.3
pacemaker-cluster-libs-debuginfo-0:2.0.1-4.el8_0.3
pacemaker-cts-0:2.0.1-4.el8_0.3
pacemaker-debuginfo-0:2.0.1-4.el8_0.3
pacemaker-debugsource-0:2.0.1-4.el8_0.3
pacemaker-doc-0:2.0.1-4.el8_0.3
pacemaker-libs-0:2.0.1-4.el8_0.3
pacemaker-libs-debuginfo-0:2.0.1-4.el8_0.3
pacemaker-libs-devel-0:2.0.1-4.el8_0.3
pacemaker-nagios-plugins-metadata-0:2.0.1-4.el8_0.3
pacemaker-remote-0:2.0.1-4.el8_0.3
pacemaker-remote-debuginfo-0:2.0.1-4.el8_0.3
pacemaker-schemas-0:2.0.1-4.el8_0.3

refmap via4

bid	108036
confirm	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3885 https://github.com/ClusterLabs/pacemaker/pull/1749
fedora	FEDORA-2019-b502250ba4 FEDORA-2019-e4c8de3fb7 FEDORA-2019-e71f6f36ac
suse	openSUSE-SU-2019:1400
ubuntu	USN-3952-1

Last major update

29-09-2023 - 11:15

Published

18-04-2019 - 18:29

Last modified

29-09-2023 - 11:15