On Fri, Jan 20, 2023 at 2:19 AM A Gunasekar <a.gunase...@ericsson.com> wrote:
> Hi Wahl. > > > > The solution Tomas as suggested is from Redhat delivered rpm packages “ > *pcs-0.9.169-3.el7_9.3*”. > > > > But we are using Cluster Lab delivered rpm packages in our node. > > > > So it would be good if we get fixed deliverables from Cluster Lab > delivered rpms. > + users list Please include the mailing list on emails > > > > > > > [image: Ericsson] <http://www.ericsson.com/> > > *Gunasekar A * > > Senior Software Engineer > > BDGS SA BSS PDU BSS PDG EC CH NGCRS > > Mobile: +919894561292 > > Email ID: a.gunase...@ericsson.com > > > > > > > > > > *From:* A Gunasekar > *Sent:* 20 January 2023 15:12 > *To:* Reid Wahl <nw...@redhat.com> > *Cc:* M Vasanthakumar <m.vasanthaku...@ericsson.com>; S Sathish S < > s.s.sath...@ericsson.com> > *Subject:* RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358 > > > > Thanks Wahl for this information > > > > > > > > *From:* Reid Wahl <nw...@redhat.com> > *Sent:* 20 January 2023 11:57 > *To:* A Gunasekar <a.gunase...@ericsson.com> > *Cc:* M Vasanthakumar <m.vasanthaku...@ericsson.com>; S Sathish S < > s.s.sath...@ericsson.com> > *Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358 > > > > > > > > On Thu, Jan 19, 2023 at 9:19 PM A Gunasekar <a.gunase...@ericsson.com> > wrote: > > Hi Wahl, > > > > Tomas update was not visible to us and Thanks for sharing it here. > > https://lists.clusterlabs.org/pipermail/users/2022-December/030734.html > <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-ccdbf0db8445bdb4&q=1&e=a7a59750-e061-4298-8714-ebe38fc95520&u=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2022-December%2F030734.html> > > > > You're welcome. Unfortunately, the threads are separated by month. So if a > reply is sent in a different month, it doesn't appear in the original > thread. You sent your original email in December, and Tomas replied in > January. See the following links: > > https://lists.clusterlabs.org/pipermail/users/2023-January/thread.html > <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-8bc25f8cc580c14b&q=1&e=a7a59750-e061-4298-8714-ebe38fc95520&u=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2Fthread.html> > > https://lists.clusterlabs.org/pipermail/users/2023-January/030750.html > <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-da3abaa3680ed01a&q=1&e=a7a59750-e061-4298-8714-ebe38fc95520&u=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2F030750.html> > > > > > > > > [image: Ericsson] <http://www.ericsson.com/> > > *Gunasekar A * > > Senior Software Engineer > > BDGS SA BSS PDU BSS PDG EC CH NGCRS > > Mobile: +919894561292 > > Email ID: a.gunase...@ericsson.com > > *From:* Reid Wahl <nw...@redhat.com> > *Sent:* 20 January 2023 03:07 > *To:* Cluster Labs - All topics related to open-source clustering > welcomed <users@clusterlabs.org> > *Cc:* A Gunasekar <a.gunase...@ericsson.com>; M Vasanthakumar < > m.vasanthaku...@ericsson.com>; S Sathish S <s.s.sath...@ericsson.com> > *Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358 > > > > > > > > On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users < > users@clusterlabs.org> wrote: > > Hi Team, > > > > Can we get some update on this. > > > > Hi, > > > > What update are you seeking? It looks like Tomas already answered your > question. I'll paste his answer again here. > > > > > Hi A Gunasekar, > > > > As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3 which > > fix the mentioned CVEs were released on 2022-11-02. > > > > Regards, > > Tomas > > > > > > > > [image: Ericsson] <http://www.ericsson.com/> > > *Gunasekar A * > > Senior Software Engineer > > BDGS SA BSS PDU BSS PDG EC CH NGCRS > > Mobile: +919894561292 > > Email ID: a.gunase...@ericsson.com > > *From:* A Gunasekar > *Sent:* 21 December 2022 18:59 > *To:* users@clusterlabs.org > *Cc:* S Sathish S <s.s.sath...@ericsson.com>; M Vasanthakumar < > m.vasanthaku...@ericsson.com> > *Subject:* Fix for CVE-2022-30123 and CVE-2019-11358 > > > > Hi Team, > > > > Please be informed, we have got notified from our security tool that our > pcs version 0.9 is affected by the *CVE-2022-30123 and CVE-2019-11358*. > > It would be great if we help to get answers for the below queries. > > > > - We are currently in RHEL 7.9 OS and using pcs 0.9 version, Is there > any fix planned/available for this affection version (0.9.x) of pcs ? > - Let us know in which release this CVEs fix are planned ? > > > > *Our system Details:-* > > OS Version: RHEL 7.9 > > Cluster lab PCS version: 0.9 > > > > > > [image: Ericsson] <http://www.ericsson.com/> > > *Gunasekar A * > > Senior Software Engineer > > BDGS SA BSS PDU BSS PDG EC CH NGCRS > > Mobile: +919894561292 > > Email ID: a.gunase...@ericsson.com > > > > > > _______________________________________________ > Manage your subscription: > https://lists.clusterlabs.org/mailman/listinfo/users > <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-d41b18997a64a81a&q=1&e=59a6df80-228c-4bfb-a417-9820eb29ea91&u=https%3A%2F%2Flists.clusterlabs.org%2Fmailman%2Flistinfo%2Fusers> > > ClusterLabs home: https://www.clusterlabs.org/ > <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-454445555731-b3537e65a3f1def4&q=1&e=59a6df80-228c-4bfb-a417-9820eb29ea91&u=https%3A%2F%2Fwww.clusterlabs.org%2F> > > > > -- > > Regards, > > Reid Wahl (He/Him) > > Senior Software Engineer, Red Hat > > RHEL High Availability - Pacemaker > > > > -- > > Regards, > > Reid Wahl (He/Him) > > Senior Software Engineer, Red Hat > > RHEL High Availability - Pacemaker > -- Regards, Reid Wahl (He/Him) Senior Software Engineer, Red Hat RHEL High Availability - Pacemaker
_______________________________________________ Manage your subscription: https://lists.clusterlabs.org/mailman/listinfo/users ClusterLabs home: https://www.clusterlabs.org/
