Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in the execution of arbitrary code.
|Package||sys-cluster/pacemaker on all architectures|
|Affected versions||< 1.1.16|
|Unaffected versions||>= 1.1.16|
Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters.
Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details.
A remote attacker could execute arbitrary code or a local attacker could escalate privileges.
There is no known workaround at this time.
All Pacemaker users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-1.1.16 "