ALSA-2024:2132
See a problem?- Source
- https://errata.almalinux.org/9/ALSA-2024-2132.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2132.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2024:2132
- Related
- Published
- 2024-04-30T00:00:00Z
- Modified
- 2024-05-07T15:14:09Z
- Summary
- Moderate: fence-agents security and bug fix update
- Details
-
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.
Security Fix(es):
- urllib3: Request body not stripped after redirect from 303 status changes request method to GET (CVE-2023-45803)
- pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex (CVE-2023-52323)
- jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2024:2132
- https://access.redhat.com/security/cve/CVE-2023-45803
- https://access.redhat.com/security/cve/CVE-2023-52323
- https://access.redhat.com/security/cve/CVE-2024-22195
- https://bugzilla.redhat.com/2246840
- https://bugzilla.redhat.com/2257028
- https://bugzilla.redhat.com/2257854
- https://errata.almalinux.org/9/ALSA-2024-2132.html
Affected packages
AlmaLinux:9 / fence-agents-aliyun
Package
- Name
- fence-agents-aliyun
AlmaLinux:9 / fence-agents-all
Package
- Name
- fence-agents-all
AlmaLinux:9 / fence-agents-amt-ws
Package
- Name
- fence-agents-amt-ws
AlmaLinux:9 / fence-agents-apc
Package
- Name
- fence-agents-apc
AlmaLinux:9 / fence-agents-apc-snmp
Package
- Name
- fence-agents-apc-snmp
AlmaLinux:9 / fence-agents-aws
Package
- Name
- fence-agents-aws
AlmaLinux:9 / fence-agents-azure-arm
Package
- Name
- fence-agents-azure-arm
AlmaLinux:9 / fence-agents-bladecenter
Package
- Name
- fence-agents-bladecenter
AlmaLinux:9 / fence-agents-brocade
Package
- Name
- fence-agents-brocade
AlmaLinux:9 / fence-agents-cisco-mds
Package
- Name
- fence-agents-cisco-mds
AlmaLinux:9 / fence-agents-cisco-ucs
Package
- Name
- fence-agents-cisco-ucs
AlmaLinux:9 / fence-agents-common
Package
- Name
- fence-agents-common
AlmaLinux:9 / fence-agents-compute
Package
- Name
- fence-agents-compute
AlmaLinux:9 / fence-agents-drac5
Package
- Name
- fence-agents-drac5
AlmaLinux:9 / fence-agents-eaton-snmp
Package
- Name
- fence-agents-eaton-snmp
AlmaLinux:9 / fence-agents-emerson
Package
- Name
- fence-agents-emerson
AlmaLinux:9 / fence-agents-eps
Package
- Name
- fence-agents-eps
AlmaLinux:9 / fence-agents-gce
Package
- Name
- fence-agents-gce
AlmaLinux:9 / fence-agents-heuristics-ping
Package
- Name
- fence-agents-heuristics-ping
AlmaLinux:9 / fence-agents-hpblade
Package
- Name
- fence-agents-hpblade
AlmaLinux:9 / fence-agents-ibm-powervs
Package
- Name
- fence-agents-ibm-powervs
AlmaLinux:9 / fence-agents-ibm-vpc
Package
- Name
- fence-agents-ibm-vpc
AlmaLinux:9 / fence-agents-ibmblade
Package
- Name
- fence-agents-ibmblade
AlmaLinux:9 / fence-agents-ifmib
Package
- Name
- fence-agents-ifmib
AlmaLinux:9 / fence-agents-ilo-moonshot
Package
- Name
- fence-agents-ilo-moonshot
AlmaLinux:9 / fence-agents-ilo-mp
Package
- Name
- fence-agents-ilo-mp
AlmaLinux:9 / fence-agents-ilo-ssh
Package
- Name
- fence-agents-ilo-ssh
AlmaLinux:9 / fence-agents-ilo2
Package
- Name
- fence-agents-ilo2
AlmaLinux:9 / fence-agents-intelmodular
Package
- Name
- fence-agents-intelmodular
AlmaLinux:9 / fence-agents-ipdu
Package
- Name
- fence-agents-ipdu
AlmaLinux:9 / fence-agents-ipmilan
Package
- Name
- fence-agents-ipmilan
AlmaLinux:9 / fence-agents-kdump
Package
- Name
- fence-agents-kdump
AlmaLinux:9 / fence-agents-kubevirt
Package
- Name
- fence-agents-kubevirt
AlmaLinux:9 / fence-agents-lpar
Package
- Name
- fence-agents-lpar
AlmaLinux:9 / fence-agents-mpath
Package
- Name
- fence-agents-mpath
AlmaLinux:9 / fence-agents-openstack
Package
- Name
- fence-agents-openstack
AlmaLinux:9 / fence-agents-redfish
Package
- Name
- fence-agents-redfish
AlmaLinux:9 / fence-agents-rhevm
Package
- Name
- fence-agents-rhevm
AlmaLinux:9 / fence-agents-rsa
Package
- Name
- fence-agents-rsa
AlmaLinux:9 / fence-agents-rsb
Package
- Name
- fence-agents-rsb
AlmaLinux:9 / fence-agents-sbd
Package
- Name
- fence-agents-sbd
AlmaLinux:9 / fence-agents-scsi
Package
- Name
- fence-agents-scsi
AlmaLinux:9 / fence-agents-virsh
Package
- Name
- fence-agents-virsh
AlmaLinux:9 / fence-agents-vmware-rest
Package
- Name
- fence-agents-vmware-rest
AlmaLinux:9 / fence-agents-vmware-soap
Package
- Name
- fence-agents-vmware-soap
AlmaLinux:9 / fence-agents-wti
Package
- Name
- fence-agents-wti
AlmaLinux:9 / fence-agents-zvm
Package
- Name
- fence-agents-zvm
AlmaLinux:9 / fence-virt
Package
- Name
- fence-virt
AlmaLinux:9 / fence-virtd
Package
- Name
- fence-virtd
AlmaLinux:9 / fence-virtd-cpg
Package
- Name
- fence-virtd-cpg
AlmaLinux:9 / fence-virtd-libvirt
Package
- Name
- fence-virtd-libvirt
AlmaLinux:9 / fence-virtd-multicast
Package
- Name
- fence-virtd-multicast
AlmaLinux:9 / fence-virtd-serial
Package
- Name
- fence-virtd-serial
AlmaLinux:9 / fence-virtd-tcp
Package
- Name
- fence-virtd-tcp