# Recommended update for pacemaker Announcement ID: SUSE-RU-2024:0606-1 Rating: critical References: * bsc#1219220 * bsc#1219323 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for pacemaker fixes the following issues: * libcrmcommon: Avoid file descriptor leak in IPC client with async connection (bsc#1219323) * libcrmcommon: Always output request= in XML output * libcrmcommon: crm_xml_escape() shouldn't stop on Unicode characters * tools: crm_attribute emits garbage for --node localhost or auto * tools: Fix memory leak in crm_mon with HTML output * tools: crm_mon segfaults when fencer connection is lost (bsc#1219220) * attrd: Write Pacemaker Remote node attributes even if not in cache * agents: Use attrd_updater dampen delay in SysInfo * libcrmcommon: Check correct env vars in pcmk__node_attr_target() * scheduler: Restore nvpair behavior without id-ref * scheduler: Reject expression without op sooner * libcrmcommon: Fix NULL dereference in expand_idref() * scheduler: Improve logs for invalid id-ref's * pacemaker-attrd,libcrmcluster: Avoid use-after-free when remote node in cluster node cache * libcrmcluster: Avoid use-after-free in trace log * HealthSmart: Check the parameter values of check_temperature to avoid error output * agents: Handle dampening parameter consistently and correctly * crm_resource: Make --wait wait for pending actions in CIB * scheduler: Avoid double free with disabled recurring actions * agents: HealthCPU - fix the validation of input * controller: Don't try to execute agent action at shutdown * tools: The dampen parameter is disabled when setting values with attrd_updater. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-606=1 openSUSE-SLE-15.5-2024-606=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-606=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * pacemaker-libs-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-debugsource-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-remote-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-libs-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-devel-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-cli-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-remote-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-cli-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * openSUSE Leap 15.5 (noarch) * pacemaker-cts-2.1.5+20221208.a3f44794f-150500.6.11.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * pacemaker-libs-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-debugsource-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-remote-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-libs-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-devel-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-cli-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-remote-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-cli-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * pacemaker-debuginfo-2.1.5+20221208.a3f44794f-150500.6.11.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (noarch) * pacemaker-cts-2.1.5+20221208.a3f44794f-150500.6.11.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219220 * https://bugzilla.suse.com/show_bug.cgi?id=1219323