Bug 498983

Summary: cluster product is affected by several symlink attack vulnerabilities
Product: [Retired] Red Hat Cluster Suite Reporter: Fabio Massimo Di Nitto <fdinitto>
Component: fenceAssignee: Marek Grac <mgrac>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: urgent Docs Contact:
Priority: high    
Version: 4CC: bstevens, cfeist, cluster-maint, djansa, edamato, swhiteho
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: fence-1.32.68-5.el4 Doc Type: Bug Fix
Doc Text:
Option -v for verbose mode now expects filename.
 Story Points: ---
Clone Of: 469338 Environment:
Last Closed: 2011-02-16 16:15:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 469338    
Bug Blocks:    

Comment 1 Marek Grac 2009-06-26 10:52:38 UTC 
Option -v for verbose mode now expects filename.  

Fixed in:
http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commit;h=7868c811ac968bc973ab452f5bcf1676d65565bd
Comment 2 Marek Grac 2009-06-26 10:52:38 UTC 
Release note added. If any revisions are required, please set the 
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.

New Contents:
Option -v for verbose mode now expects filename.
Comment 5 Dean Jansa 2011-01-21 23:22:58 UTC 
[root@marathon-virt-01 rhn]# fence_apc_snmp -h
Usage:

Options:
  -h               Usage
  -a <ip>          IP address or hostname of fence device
  -u <udpport>     UDP port to use (default 161)
  -c <community>   SNMP community (default 'private')
  -n <num>         Outlet name/number to act on
  -o <string>      Action: Reboot (default), On, Off and Status
  -v <filename>    Verbose mode - write to file
  -V               Version
0
Comment 6 errata-xmlrpc 2011-02-16 16:15:48 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0266.html