OESA-2022-1886

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1886

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2022-1886.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2022-1886

Upstream

CVE-2022-1049

Published

2022-09-02T11:04:13Z

Modified

2025-09-03T06:17:53.499676Z

Summary

pcs security update

Details

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters.

Security Fix(es):

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.(CVE-2022-1049)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / pcs

Package

Name: pcs
Purl: pkg:rpm/openEuler/pcs&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.10.5-2.oe1

Ecosystem specific

{
    "src": [
        "pcs-0.10.5-2.oe1.src.rpm"
    ],
    "aarch64": [
        "pcs-0.10.5-2.oe1.aarch64.rpm",
        "pcs-snmp-0.10.5-2.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "pcs-snmp-0.10.5-2.oe1.x86_64.rpm",
        "pcs-0.10.5-2.oe1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / pcs

Package

Name: pcs
Purl: pkg:rpm/openEuler/pcs&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.10.5-2.oe1

Ecosystem specific

{
    "src": [
        "pcs-0.10.5-2.oe1.src.rpm"
    ],
    "aarch64": [
        "pcs-0.10.5-2.oe1.aarch64.rpm",
        "pcs-snmp-0.10.5-2.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "pcs-snmp-0.10.5-2.oe1.x86_64.rpm",
        "pcs-0.10.5-2.oe1.x86_64.rpm"
    ]
}

openEuler:22.03-LTS / pcs

Package

Name: pcs
Purl: pkg:rpm/openEuler/pcs&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.10.8-3.oe2203

Ecosystem specific

{
    "src": [
        "pcs-0.10.8-3.oe2203.src.rpm"
    ],
    "aarch64": [
        "pcs-0.10.8-3.oe2203.aarch64.rpm",
        "pcs-snmp-0.10.8-3.oe2203.aarch64.rpm"
    ],
    "x86_64": [
        "pcs-snmp-0.10.8-3.oe2203.x86_64.rpm",
        "pcs-0.10.8-3.oe2203.x86_64.rpm"
    ]
}