subject:"Re\: \[ClusterLabs\] Fix for CVE\-2022\-30123 and CVE\-2019\-11358"

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-31 Thread Tomas Jelinek

Hi A Gunasekar,

These CVEs are fixed in pcs-0.10.9 and newer and pcs-0.11.1 and newer 
(the 0.11 branch was never affected).

Regards,
Tomas

Dne 27. 01. 23 v 9:01 A Gunasekar via Users napsal(a):

Hi Tomas/Team,

It would be great if you share in which latest cluster lab version the 
fixed are available for these CVE, so that we will take that version 
for upgrade.

Ericsson <http://www.ericsson.com/>

*Gunasekar A ***

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com <mailto:a.gunase...@ericsson.com>**

Hi A Gunasekar,

The pcs-0.9 branch is unsupported and no longer maintained since

2021-04-16. There will be no further releases and commits in that

branch. Pcs-0.9 only works with Pacemaker 1.x and Corosync 2.x and those

have been unsupported for quite some time as well.

I recommend updating your cluster stack to newer versions.

Regards,

Tomas

*From:*A Gunasekar
*Sent:* 20 January 2023 15:55
*To:* Reid Wahl ; Cluster Labs - All topics related 
to open-source clustering welcomed 
*Cc:* M Vasanthakumar ; S Sathish S 

*Subject:* RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Hi Wahl/Team,

The solution Tomas  as suggested is from Redhat delivered rpm packages 
“*pcs-0.9.169-3.el7_9.3*”.

But we are using Cluster Lab  source packages to build pcs rpms for 
 our node.

So it would be good if we get the fixed release details from Cluster 
Lab for the reported CVEs.

Ericsson <http://www.ericsson.com/>

*Gunasekar A *

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com <mailto:a.gunase...@ericsson.com>**

*From:*A Gunasekar
*Sent:* 20 January 2023 15:12
*To:* Reid Wahl 
*Cc:* M Vasanthakumar ; S Sathish S 

*Subject:* RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Thanks Wahl for this information

*From:*Reid Wahl 
*Sent:* 20 January 2023 11:57
*To:* A Gunasekar 
*Cc:* M Vasanthakumar ; S Sathish S 

*Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

On Thu, Jan 19, 2023 at 9:19 PM A Gunasekar  
wrote:

Hi Wahl,

Tomas update was not visible to us  and Thanks for sharing it here.

https://lists.clusterlabs.org/pipermail/users/2022-December/030734.html

<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-ccdbf0db8445bdb4=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2022-December%2F030734.html>

You're welcome. Unfortunately, the threads are separated by month. So 
if a reply is sent in a different month, it doesn't appear in the 
original thread. You sent your original email in December, and Tomas 
replied in January. See the following links:

https://lists.clusterlabs.org/pipermail/users/2023-January/thread.html 
<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-8bc25f8cc580c14b=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2Fthread.html>

https://lists.clusterlabs.org/pipermail/users/2023-January/030750.html 
<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-da3abaa3680ed01a=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2F030750.html>

Ericsson <http://www.ericsson.com/>

*Gunasekar A *

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com <mailto:a.gunase...@ericsson.com>

*From:*Reid Wahl 
*Sent:* 20 January 2023 03:07
*To:* Cluster Labs - All topics related to open-source clustering
welcomed 
*Cc:* A Gunasekar ; M Vasanthakumar
    ; S Sathish S 
    *Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users
 wrote:

Hi Team,

Can we get some update on this.

Hi,

What update are you seeking? It looks like Tomas already answered
your question. I'll paste his answer again here.

> Hi A Gunasekar,
>
> As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3
which
> fix the mentioned CVEs were released on 2022-11-02.
>
> Regards,
> Tomas

Ericsson <http://www.ericsson.com/>

*Gunasekar A *

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com

*From:*A Gunasekar
*Sent:* 21 December 2022 18:59
*To:* users@clusterlabs.org
*Cc:* S Sathish S ; M Vasanthakumar

*Subject:* Fix for CVE-2022-30123 and CVE-2019-11358

Hi Team,

Please be informed, we have got notified from our security
tool that

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-30 Thread A Gunasekar via Users

Hi Tomas/Team,

It would be great if you share in which latest cluster lab version the fixed 
are available for these CVE, so that we will take that version for upgrade.

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>

Hi A Gunasekar,

The pcs-0.9 branch is unsupported and no longer maintained since
2021-04-16. There will be no further releases and commits in that
branch. Pcs-0.9 only works with Pacemaker 1.x and Corosync 2.x and those
have been unsupported for quite some time as well.

I recommend updating your cluster stack to newer versions.

Regards,
Tomas

From: A Gunasekar
Sent: 20 January 2023 15:55
To: Reid Wahl ; Cluster Labs - All topics related to 
open-source clustering welcomed 
Cc: M Vasanthakumar ; S Sathish S 

Subject: RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Hi Wahl/Team,

The solution Tomas  as suggested is from Redhat delivered rpm packages 
“pcs-0.9.169-3.el7_9.3”.

But we are using Cluster Lab  source packages to build pcs rpms for  our node.

So it would be good if we get the fixed release details from Cluster Lab for 
the reported CVEs.

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>

From: A Gunasekar
Sent: 20 January 2023 15:12
To: Reid Wahl mailto:nw...@redhat.com>>
Cc: M Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>; S Sathish 
S mailto:s.s.sath...@ericsson.com>>
Subject: RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Thanks Wahl for this information

From: Reid Wahl mailto:nw...@redhat.com>>
Sent: 20 January 2023 11:57
To: A Gunasekar mailto:a.gunase...@ericsson.com>>
Cc: M Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>; S Sathish 
S mailto:s.s.sath...@ericsson.com>>
Subject: Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

On Thu, Jan 19, 2023 at 9:19 PM A Gunasekar 
mailto:a.gunase...@ericsson.com>> wrote:
Hi Wahl,

Tomas update was not visible to us  and Thanks for sharing it here.
https://lists.clusterlabs.org/pipermail/users/2022-December/030734.html<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-ccdbf0db8445bdb4=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2022-December%2F030734.html>

You're welcome. Unfortunately, the threads are separated by month. So if a 
reply is sent in a different month, it doesn't appear in the original thread. 
You sent your original email in December, and Tomas replied in January. See the 
following links:
https://lists.clusterlabs.org/pipermail/users/2023-January/thread.html<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-8bc25f8cc580c14b=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2Fthread.html>
https://lists.clusterlabs.org/pipermail/users/2023-January/030750.html<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-da3abaa3680ed01a=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2F030750.html>

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>
From: Reid Wahl mailto:nw...@redhat.com>>
Sent: 20 January 2023 03:07
To: Cluster Labs - All topics related to open-source clustering welcomed 
mailto:users@clusterlabs.org>>
Cc: A Gunasekar mailto:a.gunase...@ericsson.com>>; M 
Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>; S Sathish 
S mailto:s.s.sath...@ericsson.com>>
Subject: Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users 
mailto:users@clusterlabs.org>> wrote:
Hi Team,

Can we get some update on this.

Hi,

What update are you seeking? It looks like Tomas already answered your 
question. I'll paste his answer again here.

> Hi A Gunasekar,
>
> As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3 which
> fix the mentioned CVEs were released on 2022-11-02.
>
> Regards,
> Tomas

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>
From: A Gunasekar
Sent: 21 December 2022 18:59
To: users@clusterlabs.org<mailto:users@clusterlabs.org>
Cc: S Sathish S mailto:s.s.sath...@ericsson.com>>; M 
Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>
Subject:

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-23 Thread Tomas Jelinek

Hi A Gunasekar,

The pcs-0.9 branch is unsupported and no longer maintained since 
2021-04-16. There will be no further releases and commits in that 
branch. Pcs-0.9 only works with Pacemaker 1.x and Corosync 2.x and those 
have been unsupported for quite some time as well.

I recommend updating your cluster stack to newer versions.

Regards,
Tomas

Dne 20. 01. 23 v 11:23 Reid Wahl napsal(a):

On Fri, Jan 20, 2023 at 2:19 AM A Gunasekar > wrote:

Hi Wahl.

__ __

The solution Tomas  as suggested is from Redhat delivered rpm
packages “*pcs-0.9.169-3.el7_9.3*”. 

__ __

But we are using Cluster Lab  delivered rpm packages in our node.

__ __

So it would be good if we get fixed deliverables from Cluster Lab 
delivered rpms.

+ users list

Please include the mailing list on emails

__ __

__ __

__ __

Ericsson 

*Gunasekar A ***

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com
**

__ __

__ __

__ __

__ __

*From:*A Gunasekar
*Sent:* 20 January 2023 15:12
*To:* Reid Wahl mailto:nw...@redhat.com>>
*Cc:* M Vasanthakumar mailto:m.vasanthaku...@ericsson.com>>; S Sathish S
mailto:s.s.sath...@ericsson.com>>
*Subject:* RE: [ClusterLabs] Fix for CVE-2022-30123 and
CVE-2019-11358

__ __

Thanks Wahl for this information 

__ __

__ __

__ __

*From:*Reid Wahl mailto:nw...@redhat.com>>
*Sent:* 20 January 2023 11:57
*To:* A Gunasekar mailto:a.gunase...@ericsson.com>>
*Cc:* M Vasanthakumar mailto:m.vasanthaku...@ericsson.com>>; S Sathish S
mailto:s.s.sath...@ericsson.com>>
*Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and
CVE-2019-11358

__ __

__ __

__ __

On Thu, Jan 19, 2023 at 9:19 PM A Gunasekar
mailto:a.gunase...@ericsson.com>> wrote:

Hi Wahl,

Tomas update was not visible to us  and Thanks for sharing it
here.

https://lists.clusterlabs.org/pipermail/users/2022-December/030734.html 

__ __

You're welcome. Unfortunately, the threads are separated by month.
So if a reply is sent in a different month, it doesn't appear in the
original thread. You sent your original email in December, and Tomas
replied in January. See the following links:

https://lists.clusterlabs.org/pipermail/users/2023-January/thread.html 

https://lists.clusterlabs.org/pipermail/users/2023-January/030750.html 

__ __

Ericsson 

*Gunasekar A *

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com

*From:*Reid Wahl mailto:nw...@redhat.com>>
*Sent:* 20 January 2023 03:07
*To:* Cluster Labs - All topics related to open-source
clustering welcomed mailto:users@clusterlabs.org>>
*Cc:* A Gunasekar mailto:a.gunase...@ericsson.com>>; M Vasanthakumar
mailto:m.vasanthaku...@ericsson.com>>; S Sathish S
mailto:s.s.sath...@ericsson.com>>
*Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and
CVE-2019-11358

On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users
mailto:users@clusterlabs.org>> wrote:

Hi Team,

Can we get some update on this.

Hi,

What update are you seeking? It looks like Tomas already
answered your question. I'll paste his answer again here.

 > Hi A Gunasekar,
 >
 > As far as I can see, updated pcs packages
pcs-0.9.169-3.el7_9.3 which
 > fix the mentioned CVEs were released on 2022-11-02.
 >
 > Regards,
 > Tomas

Ericsson

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-20 Thread A Gunasekar via Users

Hi Wahl/Team,

The solution Tomas  as suggested is from Redhat delivered rpm packages 
“pcs-0.9.169-3.el7_9.3”.

But we are using Cluster Lab  source packages to build pcs rpms for  our node.

So it would be good if we get the fixed release details from Cluster Lab for 
the reported CVEs.

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>

From: A Gunasekar
Sent: 20 January 2023 15:12
To: Reid Wahl mailto:nw...@redhat.com>>
Cc: M Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>; S Sathish 
S mailto:s.s.sath...@ericsson.com>>
Subject: RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Thanks Wahl for this information

From: Reid Wahl mailto:nw...@redhat.com>>
Sent: 20 January 2023 11:57
To: A Gunasekar mailto:a.gunase...@ericsson.com>>
Cc: M Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>; S Sathish 
S mailto:s.s.sath...@ericsson.com>>
Subject: Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

On Thu, Jan 19, 2023 at 9:19 PM A Gunasekar 
mailto:a.gunase...@ericsson.com>> wrote:
Hi Wahl,

Tomas update was not visible to us  and Thanks for sharing it here.
https://lists.clusterlabs.org/pipermail/users/2022-December/030734.html<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-ccdbf0db8445bdb4=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2022-December%2F030734.html>

You're welcome. Unfortunately, the threads are separated by month. So if a 
reply is sent in a different month, it doesn't appear in the original thread. 
You sent your original email in December, and Tomas replied in January. See the 
following links:
https://lists.clusterlabs.org/pipermail/users/2023-January/thread.html<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-8bc25f8cc580c14b=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2Fthread.html>
https://lists.clusterlabs.org/pipermail/users/2023-January/030750.html<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-da3abaa3680ed01a=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2F030750.html>

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>
From: Reid Wahl mailto:nw...@redhat.com>>
Sent: 20 January 2023 03:07
To: Cluster Labs - All topics related to open-source clustering welcomed 
mailto:users@clusterlabs.org>>
Cc: A Gunasekar mailto:a.gunase...@ericsson.com>>; M 
Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>; S Sathish 
S mailto:s.s.sath...@ericsson.com>>
Subject: Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users 
mailto:users@clusterlabs.org>> wrote:
Hi Team,

Can we get some update on this.

Hi,

What update are you seeking? It looks like Tomas already answered your 
question. I'll paste his answer again here.

> Hi A Gunasekar,
>
> As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3 which
> fix the mentioned CVEs were released on 2022-11-02.
>
> Regards,
> Tomas

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>
From: A Gunasekar
Sent: 21 December 2022 18:59
To: users@clusterlabs.org<mailto:users@clusterlabs.org>
Cc: S Sathish S mailto:s.s.sath...@ericsson.com>>; M 
Vasanthakumar 
mailto:m.vasanthaku...@ericsson.com>>
Subject: Fix for CVE-2022-30123 and CVE-2019-11358

Hi Team,

Please be informed, we have got notified from our security tool that our pcs 
version 0.9 is affected by the CVE-2022-30123 and CVE-2019-11358.
It would be great if we help to get answers for the below queries.

  *   We are currently in RHEL 7.9 OS and using pcs 0.9 version, Is there any 
fix planned/available for this affection version (0.9.x) of pcs ?
  *   Let us know in which release this CVEs fix are planned ?

Our system Details:-
OS Version: RHEL 7.9
Cluster lab PCS  version: 0.9

[Ericsson]<http://www.ericsson.com/>
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com<mailto:a.gunase...@ericsson.com>

___
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users<https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-d41b189

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-20 Thread Reid Wahl

On Fri, Jan 20, 2023 at 2:19 AM A Gunasekar 
wrote:

> Hi Wahl.
>
>
>
> The solution Tomas  as suggested is from Redhat delivered rpm packages “
> *pcs-0.9.169-3.el7_9.3*”.
>
>
>
> But we are using Cluster Lab  delivered rpm packages in our node.
>
>
>
> So it would be good if we get fixed deliverables from Cluster Lab
> delivered rpms.
>

+ users list

Please include the mailing list on emails


>
>
>
>
>
>
> [image: Ericsson] <http://www.ericsson.com/>
>
> *Gunasekar A *
>
> Senior Software Engineer
>
> BDGS SA BSS PDU BSS PDG EC CH NGCRS
>
> Mobile: +919894561292
>
> Email ID: a.gunase...@ericsson.com
>
>
>
>
>
>
>
>
>
> *From:* A Gunasekar
> *Sent:* 20 January 2023 15:12
> *To:* Reid Wahl 
> *Cc:* M Vasanthakumar ; S Sathish S <
> s.s.sath...@ericsson.com>
> *Subject:* RE: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358
>
>
>
> Thanks Wahl for this information
>
>
>
>
>
>
>
> *From:* Reid Wahl 
> *Sent:* 20 January 2023 11:57
> *To:* A Gunasekar 
> *Cc:* M Vasanthakumar ; S Sathish S <
> s.s.sath...@ericsson.com>
> *Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358
>
>
>
>
>
>
>
> On Thu, Jan 19, 2023 at 9:19 PM A Gunasekar 
> wrote:
>
> Hi Wahl,
>
>
>
> Tomas update was not visible to us  and Thanks for sharing it here.
>
> https://lists.clusterlabs.org/pipermail/users/2022-December/030734.html
> <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-ccdbf0db8445bdb4=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2022-December%2F030734.html>
>
>
>
> You're welcome. Unfortunately, the threads are separated by month. So if a
> reply is sent in a different month, it doesn't appear in the original
> thread. You sent your original email in December, and Tomas replied in
> January. See the following links:
>
> https://lists.clusterlabs.org/pipermail/users/2023-January/thread.html
> <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-8bc25f8cc580c14b=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2Fthread.html>
>
> https://lists.clusterlabs.org/pipermail/users/2023-January/030750.html
> <https://protect2.fireeye.com/v1/url?k=31323334-501d5122-313273af-45444731-da3abaa3680ed01a=1=a7a59750-e061-4298-8714-ebe38fc95520=https%3A%2F%2Flists.clusterlabs.org%2Fpipermail%2Fusers%2F2023-January%2F030750.html>
>
>
>
>
>
>
>
> [image: Ericsson] <http://www.ericsson.com/>
>
> *Gunasekar A *
>
> Senior Software Engineer
>
> BDGS SA BSS PDU BSS PDG EC CH NGCRS
>
> Mobile: +919894561292
>
> Email ID: a.gunase...@ericsson.com
>
> *From:* Reid Wahl 
> *Sent:* 20 January 2023 03:07
> *To:* Cluster Labs - All topics related to open-source clustering
> welcomed 
> *Cc:* A Gunasekar ; M Vasanthakumar <
> m.vasanthaku...@ericsson.com>; S Sathish S 
> *Subject:* Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358
>
>
>
>
>
>
>
> On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users <
> users@clusterlabs.org> wrote:
>
> Hi Team,
>
>
>
> Can we get some update on this.
>
>
>
> Hi,
>
>
>
> What update are you seeking? It looks like Tomas already answered your
> question. I'll paste his answer again here.
>
>
>
> > Hi A Gunasekar,
> >
> > As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3 which
> > fix the mentioned CVEs were released on 2022-11-02.
> >
> > Regards,
> > Tomas
>
>
>
>
>
>
>
> [image: Ericsson] <http://www.ericsson.com/>
>
> *Gunasekar A *
>
> Senior Software Engineer
>
> BDGS SA BSS PDU BSS PDG EC CH NGCRS
>
> Mobile: +919894561292
>
> Email ID: a.gunase...@ericsson.com
>
> *From:* A Gunasekar
> *Sent:* 21 December 2022 18:59
> *To:* users@clusterlabs.org
> *Cc:* S Sathish S ; M Vasanthakumar <
> m.vasanthaku...@ericsson.com>
> *Subject:* Fix for CVE-2022-30123 and CVE-2019-11358
>
>
>
> Hi Team,
>
>
>
> Please be informed, we have got notified from our security tool that our
> pcs version 0.9 is affected by the *CVE-2022-30123 and CVE-2019-11358*.
>
> It would be great if we help to get answers for the below queries.
>
>
>
>- We are currently in RHEL 7.9 OS and using pcs 0.9 version, Is there
>any fix planned/available for this affection version (0.9.x) of pcs ?
>- Let us know in which release this CVEs fix are pl

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-19 Thread Reid Wahl

On Thu, Jan 19, 2023 at 12:54 PM A Gunasekar via Users <
users@clusterlabs.org> wrote:

> Hi Team,
>
>
>
> Can we get some update on this.
>

Hi,

What update are you seeking? It looks like Tomas already answered your
question. I'll paste his answer again here.

> Hi A Gunasekar,
>
> As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3 which
> fix the mentioned CVEs were released on 2022-11-02.
>
> Regards,
> Tomas


>
>
>
>
> [image: Ericsson] 
>
> *Gunasekar A *
>
> Senior Software Engineer
>
> BDGS SA BSS PDU BSS PDG EC CH NGCRS
>
> Mobile: +919894561292
>
> Email ID: a.gunase...@ericsson.com
>
> *From:* A Gunasekar
> *Sent:* 21 December 2022 18:59
> *To:* users@clusterlabs.org
> *Cc:* S Sathish S ; M Vasanthakumar <
> m.vasanthaku...@ericsson.com>
> *Subject:* Fix for CVE-2022-30123 and CVE-2019-11358
>
>
>
> Hi Team,
>
>
>
> Please be informed, we have got notified from our security tool that our
> pcs version 0.9 is affected by the *CVE-2022-30123 and CVE-2019-11358*.
>
> It would be great if we help to get answers for the below queries.
>
>
>
>- We are currently in RHEL 7.9 OS and using pcs 0.9 version, Is there
>any fix planned/available for this affection version (0.9.x) of pcs ?
>- Let us know in which release this CVEs fix are planned ?
>
>
>
> *Our system Details:-*
>
> OS Version: RHEL 7.9
>
> Cluster lab PCS  version: 0.9
>
>
>
>
>
> [image: Ericsson] 
>
> *Gunasekar A *
>
> Senior Software Engineer
>
> BDGS SA BSS PDU BSS PDG EC CH NGCRS
>
> Mobile: +919894561292
>
> Email ID: a.gunase...@ericsson.com
>
>
>
>
> ___
> Manage your subscription:
> https://lists.clusterlabs.org/mailman/listinfo/users
>
> ClusterLabs home: https://www.clusterlabs.org/
>


-- 
Regards,

Reid Wahl (He/Him)
Senior Software Engineer, Red Hat
RHEL High Availability - Pacemaker
___
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users

ClusterLabs home: https://www.clusterlabs.org/

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-19 Thread A Gunasekar via Users

Hi Team,

Can we get some update on this.


[Ericsson]
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com
From: A Gunasekar
Sent: 21 December 2022 18:59
To: users@clusterlabs.org
Cc: S Sathish S ; M Vasanthakumar 

Subject: Fix for CVE-2022-30123 and CVE-2019-11358

Hi Team,

Please be informed, we have got notified from our security tool that our pcs 
version 0.9 is affected by the CVE-2022-30123 and CVE-2019-11358.
It would be great if we help to get answers for the below queries.


  *   We are currently in RHEL 7.9 OS and using pcs 0.9 version, Is there any 
fix planned/available for this affection version (0.9.x) of pcs ?
  *   Let us know in which release this CVEs fix are planned ?

Our system Details:-
OS Version: RHEL 7.9
Cluster lab PCS  version: 0.9


[Ericsson]
Gunasekar A
Senior Software Engineer
BDGS SA BSS PDU BSS PDG EC CH NGCRS
Mobile: +919894561292
Email ID: a.gunase...@ericsson.com


___
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users

ClusterLabs home: https://www.clusterlabs.org/

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

2023-01-02 Thread Tomas Jelinek


Hi A Gunasekar,

As far as I can see, updated pcs packages pcs-0.9.169-3.el7_9.3 which 
fix the mentioned CVEs were released on 2022-11-02.


Regards,
Tomas


Dne 21. 12. 22 v 14:28 A Gunasekar via Users napsal(a):

Hi Team,

Please be informed, we have got notified from our security tool that our 
pcs version 0.9 is affected by the *CVE-2022-30123 and CVE-2019-11358*.


It would be great if we help to get answers for the below queries.

**

  * We are currently in RHEL 7.9 OS and using pcs 0.9 version, Is there
any fix planned/available for this affection version (0.9.x) of pcs ?**
  * Let us know in which release this CVEs fix are planned ?**

**

*Our system Details:-*

OS Version: RHEL 7.9

Cluster lab PCS  version: 0.9

Ericsson 

*Gunasekar A ***

Senior Software Engineer

BDGS SA BSS PDU BSS PDG EC CH NGCRS

Mobile: +919894561292

Email ID: a.gunase...@ericsson.com **


___
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users

ClusterLabs home: https://www.clusterlabs.org/


___
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users

ClusterLabs home: https://www.clusterlabs.org/

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

Re: [ClusterLabs] Fix for CVE-2022-30123 and CVE-2019-11358

8 matches

Site Navigation

Mail list logo

Footer information