{"id":"ALSA-2020:5487","summary":"Moderate: pacemaker security update","details":"The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. \n\nSecurity Fix(es):\n\n* pacemaker: ACL restrictions bypass (CVE-2020-25654)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-01-30T01:01:37.697489Z","published":"2020-12-15T16:01:26Z","related":["CVE-2020-25654"],"references":[{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-25654"}],"affected":[{"package":{"name":"pacemaker","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}},{"package":{"name":"pacemaker-cli","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}},{"package":{"name":"pacemaker-cts","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker-cts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}},{"package":{"name":"pacemaker-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}},{"package":{"name":"pacemaker-libs-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker-libs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}},{"package":{"name":"pacemaker-nagios-plugins-metadata","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker-nagios-plugins-metadata"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}},{"package":{"name":"pacemaker-remote","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/pacemaker-remote"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-6.el8_3.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:5487.json"}}],"schema_version":"1.7.3"}