[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy update of pacemaker?

Thorsten Alteholz <debian@alteholz.de> writes:

> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of pacemaker:
> https://security-tracker.debian.org/tracker/CVE-2016-7797


I don't see how this affects 1.1.7 (the wheezy version of Pacemaker).
The linked bug report describes a DoS against remote nodes, but remote
nodes were introduced in 1.1.10 only, by 1debe12.  The code fixed by the
linked commit (5ec24a26) was introduced even later, in 1.1.12, by

Reply to: