ALAS2-2021-1583

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration. (CVE-2020-25654)

aarch64:
    pacemaker-1.1.23-1.amzn2.1.aarch64
    pacemaker-cli-1.1.23-1.amzn2.1.aarch64
    pacemaker-libs-1.1.23-1.amzn2.1.aarch64
    pacemaker-cluster-libs-1.1.23-1.amzn2.1.aarch64
    pacemaker-remote-1.1.23-1.amzn2.1.aarch64
    pacemaker-libs-devel-1.1.23-1.amzn2.1.aarch64
    pacemaker-cts-1.1.23-1.amzn2.1.aarch64
    pacemaker-doc-1.1.23-1.amzn2.1.aarch64
    pacemaker-nagios-plugins-metadata-1.1.23-1.amzn2.1.aarch64
    pacemaker-debuginfo-1.1.23-1.amzn2.1.aarch64

i686:
    pacemaker-1.1.23-1.amzn2.1.i686
    pacemaker-cli-1.1.23-1.amzn2.1.i686
    pacemaker-libs-1.1.23-1.amzn2.1.i686
    pacemaker-cluster-libs-1.1.23-1.amzn2.1.i686
    pacemaker-remote-1.1.23-1.amzn2.1.i686
    pacemaker-libs-devel-1.1.23-1.amzn2.1.i686
    pacemaker-cts-1.1.23-1.amzn2.1.i686
    pacemaker-doc-1.1.23-1.amzn2.1.i686
    pacemaker-nagios-plugins-metadata-1.1.23-1.amzn2.1.i686
    pacemaker-debuginfo-1.1.23-1.amzn2.1.i686

src:
    pacemaker-1.1.23-1.amzn2.1.src

x86_64:
    pacemaker-1.1.23-1.amzn2.1.x86_64
    pacemaker-cli-1.1.23-1.amzn2.1.x86_64
    pacemaker-libs-1.1.23-1.amzn2.1.x86_64
    pacemaker-cluster-libs-1.1.23-1.amzn2.1.x86_64
    pacemaker-remote-1.1.23-1.amzn2.1.x86_64
    pacemaker-libs-devel-1.1.23-1.amzn2.1.x86_64
    pacemaker-cts-1.1.23-1.amzn2.1.x86_64
    pacemaker-doc-1.1.23-1.amzn2.1.x86_64
    pacemaker-nagios-plugins-metadata-1.1.23-1.amzn2.1.x86_64
    pacemaker-debuginfo-1.1.23-1.amzn2.1.x86_64