[ClusterLabs] Pacemaker 2.0.2 final release now available
Ken Gaillot
kgaillot at redhat.com
Thu Jun 6 13:09:00 EDT 2019
On Thu, 2019-06-06 at 10:12 -0500, Ken Gaillot wrote:
>
While I appreciate brevity, this was my e-mail client eating a draft.
:-/
Source code for the Pacemaker 2.0.2 and 1.1.21 releases is now
available:
https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.0.2
https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-1.1.21
This is primarily a security and bug fix release, with stricter two-way
authentication of inter-process communication. The most significant
issue this fixes is a privilege escalation vulnerability allowing an
attacker with login access on a node to use an impostor pacemaker
subdaemon to gain root privileges if pacemaker is started after the
impostor.
The 2.0.2 release also has a few small features:
* crm_resource --validate can now be run using resource parameters from
the command line rather than the CIB, so configurations can be tested
before trying to add them
* crm_resource --clear now prints out any cleared constraints, so you
know when it did something
* A new HealthIOWait resource agent is available for tracking node
health based on CPU I/O wait
* A couple of experimental features discussed earlier on this list: a
new tool crm_rule can check for rule expiration, and stonith_admin now
supports XML output for easier machine parsing.
For more details about changes in this release, please see the change
logs:
https://github.com/ClusterLabs/pacemaker/blob/Pacemaker-2.0.2/ChangeLog
https://github.com/ClusterLabs/pacemaker/blob/Pacemaker-1.1.21/ChangeLog
Many thanks to all contributors of source code to this release,
including Chris Lumens, Gao,Yan, Jan Pokorný, Jehan-Guillaume de
Rorthais, Ken Gaillot, Klaus Wenninger, and Maciej Sobkowiak.
--
Ken Gaillot <kgaillot at redhat.com>
More information about the Users
mailing list