Security update for pacemaker
This update for pacemaker fixes the following issues:
Security issues fixed:
- CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. (bsc#1131356)
- CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference of uncontrolled processes. (bsc#1131353)
This update was imported from the SUSE:SLE-12-SP3:Update update project.
- Submitted by Yan Gao (yan_gao)
Fixed bugs
bnc#1131356
VUL-0: CVE-2018-16877: pacemaker: Insufficient local IPC client-server authentication on the client's side
bnc#1131353
VUL-0: CVE-2018-16878: pacemaker: Insufficient verification inflicted preference of uncontrolled processes