Lucene search
RedHatRHSA-2023:3403HistoryMay 31, 2023 - 3:30 p.m.
(RHSA-2023:3403) Moderate: pcs security and bug fix update
2023-05-3115:30:50
access.redhat.com
14
pcs
pacemaker
corosync
security fix
multipart mime parsing
denial of service
cve-2023-27530
header parsing
cve-2023-27539
bug fix
bz#2180702
0.001 Low
EPSS
Percentile
36.8%
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
-
rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530)
-
rubygem-rack: denial of service in header parsing (CVE-2023-27539)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Command βpcs config checkpoint diffβ does not show configuration differences between checkpoints (BZ#2180702)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | s390x | pcs | <Β 0.10.12-6.el8_6.4 | pcs-0.10.12-6.el8_6.4.s390x.rpm |
| RedHat | 8 | aarch64 | pcs | <Β 0.10.12-6.el8_6.4 | pcs-0.10.12-6.el8_6.4.aarch64.rpm |
| RedHat | 8 | aarch64 | pcs-snmp | <Β 0.10.12-6.el8_6.4 | pcs-snmp-0.10.12-6.el8_6.4.aarch64.rpm |
| RedHat | 8 | x86_64 | pcs | <Β 0.10.12-6.el8_6.4 | pcs-0.10.12-6.el8_6.4.x86_64.rpm |
| RedHat | 8 | x86_64 | pcs-snmp | <Β 0.10.12-6.el8_6.4 | pcs-snmp-0.10.12-6.el8_6.4.x86_64.rpm |
| RedHat | 8 | ppc64le | pcs-snmp | <Β 0.10.12-6.el8_6.4 | pcs-snmp-0.10.12-6.el8_6.4.ppc64le.rpm |
| RedHat | 8 | s390x | pcs-snmp | <Β 0.10.12-6.el8_6.4 | pcs-snmp-0.10.12-6.el8_6.4.s390x.rpm |
| RedHat | 8 | ppc64le | pcs | <Β 0.10.12-6.el8_6.4 | pcs-0.10.12-6.el8_6.4.ppc64le.rpm |
Related
osv
osv
ruby-rack - security update
2023-04-17 00:00:00
Moderate: pcs security and bug fix update
2023-05-18 19:18:23
Moderate: pcs security and bug fix update
2023-05-16 00:00:00
nessus
nessus
CentOS 8 : pcs (CESA-2023:3082)
2024-02-08 00:00:00
RHEL 9 : pcs (RHSA-2023:1981)
2023-04-25 00:00:00
RHEL 8 : pcs (RHSA-2023:3403)
2023-05-31 00:00:00
oraclelinux
oraclelinux
pcs security update
2023-05-29 00:00:00
pcs security update
2023-07-20 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3392-1)
2023-04-19 00:00:00
Mageia: Security Advisory (MGASA-2024-0042)
2024-02-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2304-1)
2023-05-29 00:00:00
debian
debian
[SECURITY] [DLA 3392-1] ruby-rack security update
2023-04-17 14:31:02
[SECURITY] [DLA 3392-1] ruby-rack security update
2023-04-17 13:57:17
[SECURITY] [DSA 5530-1] ruby-rack security update
2023-10-22 12:35:21
redhat
redhat
(RHSA-2023:1981) Moderate: pcs security and bug fix update
2023-04-25 09:58:19
(RHSA-2023:1961) Moderate: pcs security and bug fix update
2023-04-25 08:12:36
(RHSA-2023:3082) Moderate: pcs security and bug fix update
2023-05-16 09:15:08
rocky
rocky
pcs security and bug fix update
2023-05-18 19:18:23
pcs security and bug fix update
2023-05-25 19:53:02
Satellite 6.14 security and bug fix update
2023-11-11 22:58:57
almalinux
almalinux
Moderate: pcs security and bug fix update
2023-05-16 00:00:00
Important: pcs security and bug fix update
2023-05-09 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2023-03-17 02:16:44
Denial Of Service (DoS)
2023-03-09 01:51:42
freebsd
freebsd
rack -- possible denial of service vulnerability in header parsing
2023-03-13 00:00:00
rack -- possible DoS vulnerability in multipart MIME parsing
2023-03-03 00:00:00
amazon
amazon
Medium: pcs
2023-04-27 18:36:00
nvd
nvd
CVE-2023-27530
2023-03-10 22:15:10
cve
cve
CVE-2023-27539
2023-03-15 02:20:20
CVE-2023-27530
2023-03-10 22:15:10
redhatcve
redhatcve
CVE-2023-27539
2023-03-19 15:39:04
CVE-2023-27530
2023-03-09 00:14:22
github
github
Possible Denial of Service Vulnerability in Rack's header parsing
2023-03-15 21:36:02
Rack has possible DoS Vulnerability in Multipart MIME parsing
2023-03-08 17:20:04
hackerone
hackerone
debiancve
debiancve
CVE-2023-27530
2023-03-10 22:15:10
CVE-2023-27539
2023-03-15 02:20:20
ubuntucve
ubuntucve
CVE-2023-27530
2023-03-10 00:00:00
CVE-2023-27539
2023-03-22 00:00:00
mageia
mageia
Updated ruby-rack fixes a vulnerability and some bugs
2024-02-19 20:35:05
Updated ruby-rack packages fix security vulnerability
2023-03-24 08:55:49
prion
prion
Code injection
2023-03-10 22:15:00
redos
redos
ROS-20240404-10
2024-04-04 00:00:00
ROS-20240403-12
2024-04-03 00:00:00
cvelist
cvelist
CVE-2023-27530
2023-03-10 00:00:00
rubygems
rubygems
Possible Denial of Service Vulnerability in Rackβs header parsing
2023-03-12 21:00:00
Possible DoS Vulnerability in Multipart MIME parsing
2023-03-02 21:00:00
ubuntu
ubuntu
Rack vulnerabilities
2024-03-12 00:00:00
Rack vulnerabilities
2024-06-17 00:00:00
ibm
ibm