openSUSE Security Update : pacemaker (openSUSE-2016-1376)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for pacemaker fixes the following issues :

Security issues fixed :

- CVE-2016-7797: Notify other clients of a new connection
only if the handshake has completed (bsc#967388,

- CVE-2016-7035: Fixed improper IPC guarding in pacemaker

Bug fixes :

- bsc#1003565: crmd: Record pending operations in the CIB
before they are performed

- bsc#1000743: pengine: Do not fence a maintenance node if
it shuts down cleanly

- bsc#987348: ping: Avoid temporary files for fping check

- bsc#986644: libcrmcommon: report errors consistently
when waiting for data on connection

- bsc#986644: remote: Correctly calculate the remaining
timeouts when receiving messages

This update was imported from the SUSE:SLE-12-SP2:Update update

See also :

Solution :

Update the affected pacemaker packages.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: SuSE Local Security Checks

Nessus Plugin ID: 95531 ()

Bugtraq ID:

CVE ID: CVE-2016-7035

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now