ALSA-2024:2132

Source
https://errata.almalinux.org/9/ALSA-2024-2132.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2132.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2024:2132
Related
Published
2024-04-30T00:00:00Z
Modified
2024-05-07T15:14:09Z
Summary
Moderate: fence-agents security and bug fix update
Details

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.

Security Fix(es):

  • urllib3: Request body not stripped after redirect from 303 status changes request method to GET (CVE-2023-45803)
  • pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex (CVE-2023-52323)
  • jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

Affected packages

AlmaLinux:9 / fence-agents-aliyun

Package

Name
fence-agents-aliyun

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-all

Package

Name
fence-agents-all

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-amt-ws

Package

Name
fence-agents-amt-ws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-apc

Package

Name
fence-agents-apc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-apc-snmp

Package

Name
fence-agents-apc-snmp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-aws

Package

Name
fence-agents-aws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-azure-arm

Package

Name
fence-agents-azure-arm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-bladecenter

Package

Name
fence-agents-bladecenter

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-brocade

Package

Name
fence-agents-brocade

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-cisco-mds

Package

Name
fence-agents-cisco-mds

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-cisco-ucs

Package

Name
fence-agents-cisco-ucs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-common

Package

Name
fence-agents-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-compute

Package

Name
fence-agents-compute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-drac5

Package

Name
fence-agents-drac5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-eaton-snmp

Package

Name
fence-agents-eaton-snmp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-emerson

Package

Name
fence-agents-emerson

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-eps

Package

Name
fence-agents-eps

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-gce

Package

Name
fence-agents-gce

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-heuristics-ping

Package

Name
fence-agents-heuristics-ping

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-hpblade

Package

Name
fence-agents-hpblade

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ibm-powervs

Package

Name
fence-agents-ibm-powervs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ibm-vpc

Package

Name
fence-agents-ibm-vpc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ibmblade

Package

Name
fence-agents-ibmblade

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ifmib

Package

Name
fence-agents-ifmib

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ilo-moonshot

Package

Name
fence-agents-ilo-moonshot

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ilo-mp

Package

Name
fence-agents-ilo-mp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ilo-ssh

Package

Name
fence-agents-ilo-ssh

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ilo2

Package

Name
fence-agents-ilo2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-intelmodular

Package

Name
fence-agents-intelmodular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ipdu

Package

Name
fence-agents-ipdu

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-ipmilan

Package

Name
fence-agents-ipmilan

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-kdump

Package

Name
fence-agents-kdump

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-kubevirt

Package

Name
fence-agents-kubevirt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-lpar

Package

Name
fence-agents-lpar

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-mpath

Package

Name
fence-agents-mpath

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-openstack

Package

Name
fence-agents-openstack

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-redfish

Package

Name
fence-agents-redfish

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-rhevm

Package

Name
fence-agents-rhevm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-rsa

Package

Name
fence-agents-rsa

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-rsb

Package

Name
fence-agents-rsb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-sbd

Package

Name
fence-agents-sbd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-scsi

Package

Name
fence-agents-scsi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-virsh

Package

Name
fence-agents-virsh

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-vmware-rest

Package

Name
fence-agents-vmware-rest

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-vmware-soap

Package

Name
fence-agents-vmware-soap

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-wti

Package

Name
fence-agents-wti

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-agents-zvm

Package

Name
fence-agents-zvm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virt

Package

Name
fence-virt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virtd

Package

Name
fence-virtd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virtd-cpg

Package

Name
fence-virtd-cpg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virtd-libvirt

Package

Name
fence-virtd-libvirt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virtd-multicast

Package

Name
fence-virtd-multicast

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virtd-serial

Package

Name
fence-virtd-serial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / fence-virtd-tcp

Package

Name
fence-virtd-tcp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9

AlmaLinux:9 / ha-cloud-support

Package

Name
ha-cloud-support

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.10.0-62.el9