Package "pacemaker"

Name: pacemaker


cluster resource manager

Latest version: 1.1.14-2ubuntu1.6
Release: xenial (16.04)
Level: updates
Repository: main
Homepage: http://www.clusterlabs.org/


Save this URL for the latest version of "pacemaker": https://www.ubuntuupdates.org/pacemaker

Download "pacemaker"

Other versions of "pacemaker" in Xenial

Repository Area Version
base main 1.1.14-2ubuntu1
base universe 1.1.14-2ubuntu1
security main 1.1.14-2ubuntu1.6
security universe 1.1.14-2ubuntu1.6
updates universe 1.1.14-2ubuntu1.6

Packages in group

Deleted packages are displayed in grey.


Version: 1.1.14-2ubuntu1.6 2019-04-23 14:06:29 UTC

  pacemaker (1.1.14-2ubuntu1.6) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS and local privilege escalation in client-server
    - debian/patches/CVE-2018-1687x-1.patch: make crm_pid_active more
      precise as to when detections fail in include/crm_internal.h,
    - debian/patches/CVE-2018-1687x-2.patch: add new helpers to allow IPC
      client side to authenticate the server in configure.ac,
      include/crm/common/Makefile.am, include/crm/common/ipc.h,
      include/crm/common/ipc_internal.h, lib/common/ipc.c.
    - debian/patches/CVE-2018-1687x-3.patch: pacemakerd to trust
      pre-existing processes via new checks instead in mcp/pacemaker.c.
    - debian/patches/CVE-2018-1687x-4.patch: other daemons to authenticate
      IPC servers of fellow processes in lib/cluster/corosync.c,
      lib/cluster/cpg.c, lib/common/ipc.c, mcp/corosync.c.
    - debian/patches/CVE-2018-1687x-5.patch: CPG users to be careful about
      now-more-probable rival processes in attrd/main.c, cib/main.c,
      crmd/main.c, fencing/main.c, lib/cluster/cpg.c.
    - debian/patches/CVE-2018-1687x-6.patch: fix possible NULL pointer
      dereference in crmd/control.c.
    - debian/libcrmcommon3.symbols: added new symbols.
    - CVE-2018-16877
    - CVE-2018-16878

 -- Marc Deslauriers <email address hidden> Thu, 18 Apr 2019 08:30:39 -0400

Source diff to previous version
CVE-2018-1687 RESERVED
CVE-2018-16877 A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could us
CVE-2018-16878 A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead

Version: 1.1.14-2ubuntu1.5 2019-03-21 13:07:00 UTC

  pacemaker (1.1.14-2ubuntu1.5) xenial; urgency=medium

  * Change systemd unit to source /etc/default files by default
    (LP: #1819046)

 -- <email address hidden> (Heitor R. Alves de Siqueira) Thu, 07 Mar 2019 15:13:34 -0300

Source diff to previous version
1819046 Systemd unit file reads settings from wrong path

Version: 1.1.14-2ubuntu1.4 2018-03-05 10:07:02 UTC

  pacemaker (1.1.14-2ubuntu1.4) xenial; urgency=high

  * Properly restart corosync and pacemaker together (LP: #1740892)
    - d/pacemaker.preinst: flag corosync to restart pacemaker on

 -- Eric Desrochers <email address hidden> Mon, 19 Feb 2018 09:37:35 -0500

Source diff to previous version

Version: 1.1.14-2ubuntu1.3 2017-10-25 12:06:38 UTC

  pacemaker (1.1.14-2ubuntu1.3) xenial; urgency=medium

  * Fix default start/stop levels for init scripts, ensuring that
    running pacemaker daemons are restarted after package upgrades
    (LP: #1727063):
    - d/p/Enable-the-init-scripts-on-multi-user-runlevels.patch: Cherry
      picked fix from later package versions.

 -- James Page <email address hidden> Wed, 25 Oct 2017 10:04:30 +0100

Source diff to previous version

Version: 1.1.14-2ubuntu1.2 2017-10-24 15:06:38 UTC

  pacemaker (1.1.14-2ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Improper IPC guarding
    - debian/patches/CVE-2016-7035.patch: fix logic in lib/common/ipc.c.
    - CVE-2016-7035
  * SECURITY UPDATE: denial of service in pacemaker remote
    - debian/patches/CVE-2016-7797.patch: notify only on completed
      handshake in lrmd/tls_backend.c.
    - CVE-2016-7797

 -- Marc Deslauriers <email address hidden> Fri, 02 Jun 2017 14:08:57 -0400

CVE-2016-7035 improper IPC guarding
CVE-2016-7797 Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthent

About   -   Send Feedback to @ubuntu_updates