RLSA-2021:4142 --- pcsID: oval:org.secpod.oval:def:4501230 | Date: (C)2023-04-03 (M)2024-05-06 |
Class: PATCH | Family: unix |
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. The following packages have been upgraded to a later upstream version: pcs . Security Fix: * jquery: Cross-site scripting via HTML tags containing whitespaces * jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.