Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.
|sys-cluster/pacemaker on all architectures
Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters.
Multiple vulnerabilities have been discovered in Pacemaker. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Pacemaker users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-2.0.5_rc2"