Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for keepalived to version 2.0.10 fixes the following issues:
Security issues fixed (bsc#1015141):
- CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new temporary files upon a call to PrintData or PrintStats - CVE-2018-19046: Fixed a check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats
Non-security issues fixed:
- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Use getaddrinfo instead of gethostbyname to workaround glibc gethostbyname function buffer overflow (bsc#949238)