I am happy to announce the latest release of pcs, version 0.9.164.
Source code is available at: https://github.com/ClusterLabs/pcs/archive/0.9.164.tar.gz or https://github.com/ClusterLabs/pcs/archive/0.9.164.zip This is a security release fixing 3 CVEs, one of them is rated as Important and two are rated as Moderate. Complete change log for this release: ## [0.9.164] - 2018-04-09 ### Security - CVE-2018-1086: Debug parameter removal bypass, allowing information disclosure ([rhbz#1557366]) - CVE-2018-1079: Privilege escalation via authorized user malicious REST call ([rhbz#1550243]) - CVE-2018-1000119 rack-protection: Timing attack in authenticity_token.rb ([rhbz#1534027]) Thanks / congratulations to everyone who contributed to this release, including Ivan Devat, Ondrej Famera, Ondrej Mular and Tomas Jelinek. Cheers, Tomas [rhbz#1534027]: https://bugzilla.redhat.com/show_bug.cgi?id=1534027 [rhbz#1550243]: https://bugzilla.redhat.com/show_bug.cgi?id=1550243 [rhbz#1557366]: https://bugzilla.redhat.com/show_bug.cgi?id=1557366 _______________________________________________ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org