Hello community, here is the log from the commit of package patchinfo.14777 for openSUSE:Leap:15.1:Update checked in at 2020-11-04 00:26:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/patchinfo.14777 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.patchinfo.14777.new.11331 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.14777" Wed Nov 4 00:26:23 2020 rev:1 rq:845212 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="14777"> <issue tracker="cve" id="2020-25654"/> <issue tracker="bnc" id="1173668">Partner-L3: SLES15 HA: crmd quit unexpectedly quit in process of node bootup.</issue> <issue tracker="bnc" id="1177916">VUL-0: EMBARGOED: CVE-2020-25654: pacemaker: ACL restrictions bypass</issue> <issue tracker="bnc" id="1175557">sysinfo resource agent seams to be broken</issue> <issue tracker="bnc" id="1167171">RPM package scripts differ on haclient gids between different HA rpms</issue> <packager>yan_gao</packager> <rating>important</rating> <category>security</category> <summary>Security update for pacemaker</summary> <description>This update for pacemaker fixes the following issues: - executor: restrict certain IPC requests to Pacemaker daemons (CVE-2020-25654, bsc#1177916) - extra: add vim modelines to agents - extra: quote shell variables in agent code where appropriate (bsc#1175557) - extra: remove trailing whitespace from agent code - extra: update agent boilerplate (copyright/license notices) - extra: use 4-space indents in resource agent code - extra: use ":=" where appropriate in agent code - fencer: restrict certain IPC requests to privileged users (CVE-2020-25654, bsc#1177916) - move bcond_with/without up front for e.g. pcmk_release - pacemakerd: ignore shutdown requests from unprivileged users (CVE-2020-25654, bsc#1177916) - rpm: add spec option for enabling CIB secrets - rpm: put user-configurable items at top of spec - rpm: use the user/group ID 90 for haclient/hacluster to be consistent with cluster-glue (bsc#1167171) This update was imported from the SUSE:SLE-15-SP1:Update update project.</description> </patchinfo>