[ClusterLabs] Corosync 2.4.4 is available at corosync.org!
Ferenc Wágner
wferi at niif.hu
Thu Apr 12 21:10:30 UTC 2018
Jan Pokorný <jpokorny at redhat.com> writes:
> On 12/04/18 14:33 +0200, Jan Friesse wrote:
>
>> This release contains a lot of fixes, including fix for
>> CVE-2018-1084.
>
> Security related updates would preferably provide more context
Absolutely, thanks for providing that! Looking at the git log, I wonder
if c139255 (totemsrp: Implement sanity checks of received msgs) has
direct security relevance as well. Should I include that too in the
Debian security update? Debian stable has 2.4.2, so I'm cherry picking
into that version.
--
Thanks,
Feri
More information about the Users
mailing list