{"affected":[{"ecosystem_specific":{"binaries":[{"crmsh":"4.1.0+git.1614156984.f4f5e146-2.56.2","crmsh-scripts":"4.1.0+git.1614156984.f4f5e146-2.56.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 12 SP4","name":"crmsh","purl":"pkg:rpm/suse/crmsh&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1.0+git.1614156984.f4f5e146-2.56.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"crmsh":"4.1.0+git.1614156984.f4f5e146-2.56.2","crmsh-scripts":"4.1.0+git.1614156984.f4f5e146-2.56.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 12 SP5","name":"crmsh","purl":"pkg:rpm/suse/crmsh&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1.0+git.1614156984.f4f5e146-2.56.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for crmsh fixes the following issues:\n\n- Update to version 4.1.0+git.1614156984.f4f5e146:\n  * Fix: hb_report: walk through hb_report process under hacluster(CVE-2020-35459, bsc#1179999; CVE-2021-3020, bsc#1180571)\n  * Fix: bootstrap: setup authorized ssh access for hacluster(CVE-2020-35459, bsc#1179999; CVE-2021-3020, bsc#1180571)\n  * Dev: utils: change default file mod as 644 for str2file function\n  * Dev: lock: give more specific error message when raise ClaimLockError\n  * Dev: hb_report: Detect if any ocfs2 partitions exist\n  * Fix: hb_report: run lsof with specific ocfs2 device(bsc#1180688)\n  * Dev: corosync: change the permission of corosync.conf to 644\n  * Fix: bootstrap: Use class Watchdog to simplify watchdog config(bsc#1154927, bsc#1178869)\n  * Fix: bootstrap: make sure sbd device UUID was the same between nodes(bsc#1178454)\n","id":"SUSE-SU-2021:0722-1","modified":"2021-03-08T15:42:37Z","published":"2021-03-08T15:42:37Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20210722-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1154927"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178454"},{"type":"REPORT","url":"https://bugzilla.suse.com/1178869"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179999"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180571"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180688"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-35459"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3020"}],"related":["CVE-2020-35459","CVE-2021-3020"],"summary":"Security update for crmsh","upstream":["CVE-2020-35459","CVE-2021-3020"]}