-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 Nov 2020 17:28:32 CET
Source: pacemaker
Architecture: source
Version: 2.0.1-5+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian HA Maintainers <debian-ha-maintainers@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Closes: 973254
Changes:
 pacemaker (2.0.1-5+deb10u1) buster-security; urgency=high
 .
   * [bf23450] Apply patch series fixing CVE-2020-25654: ACL bypass.
     A vulnerability was found in Pacemaker allowing a user who is in the
     haclient group but restricted by ACLs to bypass those ACLs, providing
     cluster-wide arbitrary code execution with root privileges.
     When the enable-acl cluster option isn't set to true, members of the
     haclient group (and root) can modify Pacemaker's CIB without
     restriction, which already gives them these capabilities, so there is
     no additional exposure in that case.
     More info: https://www.openwall.com/lists/oss-security/2020/10/27/1
     Patches: https://lists.clusterlabs.org/pipermail/developers/2020-October/002324.html
     Thanks to Ken Gaillot (Closes: #973254)
Checksums-Sha256:
 b431335b401e527c89aa2f606cd6db8518778358a16db84850d9e624f9899712 3948 pacemaker_2.0.1-5+deb10u1.dsc
 2ac55117708be304f1c57df9c72d7346733d8429be69c9aabe77ea7f71cfb4f8 69108 pacemaker_2.0.1-5+deb10u1.debian.tar.xz
 a2e22eff1f17a27931ade4d5470baba66aa7f14188383dac9e382036df2880c7 31494 pacemaker_2.0.1-5+deb10u1_amd64.buildinfo
 4f0040e5c80b108900a019d9033e8bb5d4fb4bc26c6f6fd6397bd846c6461864 5506340 pacemaker_2.0.1.orig.tar.gz
Checksums-Sha1:
 fd8da29aff9af7cf67e796cc3d4f98b59df437ef 3948 pacemaker_2.0.1-5+deb10u1.dsc
 7a20e62e960c80e928e92978bc4dae32eb36b970 69108 pacemaker_2.0.1-5+deb10u1.debian.tar.xz
 89ef418c7b6a769b51c120b39bdcd79e9dc165d5 31494 pacemaker_2.0.1-5+deb10u1_amd64.buildinfo
 e2825bf6cb0c581f8336daa50babe95b52179c60 5506340 pacemaker_2.0.1.orig.tar.gz
Files:
 05083707664422aa00b5c45b6fc75e07 3948 admin optional pacemaker_2.0.1-5+deb10u1.dsc
 a70f5b4fc74a3861f215b346ee58e2e1 69108 admin optional pacemaker_2.0.1-5+deb10u1.debian.tar.xz
 08693a4832267f5ddf7203a138ec3cd1 31494 admin optional pacemaker_2.0.1-5+deb10u1_amd64.buildinfo
 ef93d59f2dd7974963e7e0c4c9aad2ed 5506340 admin optional pacemaker_2.0.1.orig.tar.gz