Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 9 Type: Security Severity: Important Release date: 2023-05-11 Summary: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * pcs: webpack: Regression of CVE-2023-28154 fixes in the AlmaLinux (CVE-2023-2319) * rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530) * rubygem-rack: denial of service in header parsing (CVE-2023-27539) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Command 'pcs config checkpoint diff' does not show configuration differences between checkpoints (BZ#2180697) * Need a way to add a scsi fencing device to a cluster without requiring a restart of all cluster resources (BZ#2180704) * [WebUI] fence levels prevent loading of cluster status (BZ#2183180) Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2023-2652.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team