Pacemaker: Multiple vulnerabilities Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in the execution of arbitrary code. pacemaker 2017-10-08 2017-10-08 546550 599194 local, remote 1.1.16 1.1.16

Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters.

Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details.

A remote attacker could execute arbitrary code or a local attacker could escalate privileges.

There is no known workaround at this time.

All Pacemaker users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-1.1.16 " CVE-2015-1867 CVE-2016-7035 BlueKnight chrisadr