On Tue, 17 Nov 2020 09:16:48 +0100 Markus Koschany <a...@debian.org> wrote:
> This time I intend to upgrade pacemaker to the latest upstream release > in the 1.1.x branch which is currently 1.1.24~rc1. This one also > includes fixes for CVE-2018-16878 and CVE-2018-16877. Hi Markus, Please close #927714 if you fix those CVEs. Unfortunately I forgot to upload the prepared package after getting the blessing of the Security Team, so it slept in my local packaging repo until I noticed it again importing your 1.1.16-1+deb9u1 upload. Tagged as wferi/1.1.16-1+deb9u1 and pushed to Salsa in case you want to have a look; lacking it might even be the reason behind the current IPC problems, I don't know. -- Cheers, Feri