SUSE-RU-2016:1268-1: moderate: Recommended update for pacemaker, sbd
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Mon May 9 07:08:05 MDT 2016
SUSE Recommended Update: Recommended update for pacemaker, sbd
______________________________________________________________________________
Announcement ID: SUSE-RU-2016:1268-1
Rating: moderate
References: #905641 #929960 #934609 #936149 #938545 #940711
#940992 #942382 #942491 #946224 #946332 #947180
#947197 #949267 #949441 #950375 #950415 #950450
#950551 #951171 #953192 #956459 #961392 #962309
#964183 #967254 #967383 #967388 #967775 #967904
#971129
Affected Products:
SUSE Linux Enterprise High Availability Extension 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that has 31 recommended fixes can now be
installed.
Description:
This update for the High Availability Extension 11 SP4 provides many fixes
and enhancements.
sbd:
- spec: Install sbd.sh (bsc#967904)
- pacemaker: Prevent potential segfault caused by use-of-NULL on checking
node state (bsc#950415)
pacemaker:
- pengine: Suppress assert if a stateful clone is not being
demoted/stopped (bsc#971129)
- PE: Correctly handle the ordering of demote actions for failed and
moving containers
- crmd,tools: Set attributes for remote nodes directly into cib if it's
legacy attrd (bsc#967775)
- libcib: Correctly determine the node type (bsc#967775)
- resources: match agents' default for globally_unique to pacemaker's
- crm_resource: Prevent segfault when --resource is not correctly supplied
for --restart command
- pacemaker_remote: Start and stop sbd in pacemaker_remote initscript
(bsc#967904)
- pacemaker_remote: Auto-export the init script variables read from the
config file
- remote: Simplify calls to accept() and inet_ntop() by using "struct
sockaddr_storage" (bsc#964183)
- remote: cl#5269 - Notify other clients of a new connection only if the
handshake has completed (bsc#967388)
- remote: Correctly display the IP address of the remote client
(bsc#964183)
- libservices: Add error handling for pipe() failed.
- libservices: Check resource agent is executable or not before pipe open.
- crmd: Prevent use-after-free when an unexpected remote client takes over
(bsc#964183)
- cib: Do not send notifications when the dryrun flag is present
- crm_shadow: fix broken --display command
- libcluster: crm_peer_uname() should return NULL if uuid is invalid
- crmd: Disconnect the relevant remote proxies as well when disconnecting
a remote node (bsc#964183)
- crmd: Prevent potential use-after-free (bsc#964183)
- liblrmd: Prevent potential use-after-free issues (bsc#964183)
- PE: Fix conditions for internal sanity check
- fencing: Correctly track active stonith actions (bsc#938545)
- fencing: Functionize adding and removing active pids of device
(bsc#938545)
- crm_shadow: Do not invoke shells with --noprofile option other than bash
(bsc#961392)
- lib/common: check return value of dlsym() and not dlerror()
- header == NULL when parsing compressed message
- fencing: Support concurrent fencing actions on each device (bsc#938545)
- pengine: Support concurrent fencing (bsc#938545)
- crmd: 0 is a valid fd makes coverity happy
- tools: crm_resource compile issue
- crm_resource --list-agents: don't print uninitialized memory
- fencing, libfencing: remap fence agent error codes before async callback
(bsc#962309)
- libcrmcommon: when caching attrd connection, cache connection flags as
well
- cts: Plugin-based cluster has its own PacemakerUp pattern
- stonithd: Trigger cib_devices_update in case of deletion of just an
attribute
- stonithd: Do not intermingle stdout & stderr coming from stonith-RAs
(bsc#962309)
- resources: allow for top output with or without percent sign in HealthCPU
- ping: Clarify the description of host_list parameter in ping metadata
(bsc#956459)
- cib: Do not terminate due to badly behaving clients
- pengine: Support of multiple-active=block for resource groups
(bsc#942491)
- fencing: crm_resource --show-metadata drops documentation strings for
fencing agents (bsc#950375)
- CTS: add "try except" to deal with errors that raw_input gets EOFError
and add "--yes" to skip interaction (bsc#953192)
- lrmd: Finalize all pending and recurring operations when cleaning up a
resource (bsc#950450)
- cib: Increased paranoia when peer updates fail to apply in compatability
mode (bsc#951171)
- libcommon: Ignore CDATA of metadata of the resource.
- cib: Downgrade the log message on forwarding CRM_OP_NOOP requests from
INFO to DEBUG (bsc#949267)
- fencing: Return a provider for the internal fencing agent "#watchdog"
instead of logging an error (bsc#949441)
- spec: Move the normal resource agents into pacemaker-cli package
(bsc#947197)
- spec: Move logrotate configuration file into pacemaker-cli package
(bsc#947197)
- spec: Move attrd_updater, crm_attribute and crm_master into
pacemaker-cli package (bsc#947197)
- spec: Move xml schema files and PCMK-MIB.txt into pacemaker-cli package
(bsc#947197)
- crmd: properly detect CIB update failures for remote nodes
- cibadmin: Prevent potential use-of-NULL in print_xml_output()
(bsc#947180)
- cibadmin: Default once again to LOG_CRIT
- Tools: Repair the logging of 'interesting' command-lines
- tools: improve error handling when modifying configuration
- tools: use floating-point division when converting ms to seconds
- crmd,libcrmcommon,libservices,tools: potential memory leaks
- crmd,fencing: avoid potential null dereference in string searches
- cib: Check if the configuration changes with cib_config_changed() only
for v1 diffs (bsc#946224)
- libcib: properly handle temporary file
- libcrmcommon: better validation of environment variable value
- crmd: avoid potential null dereference
- libcib: potential user input overflow
- remote: Revise a misleading message in the ocf:pacemaker:remote resource
agent (bsc#946332, bsc#967383)
- remote: Correctly display the usage of the ocf:pacemaker:remote resource
agent (bsc#946332, bsc#967383)
- libcib: find_nvpair_attr_delegate: check alloc failure
- pacemaker_remote: memory leak in ipc_proxy_dispatch()
- crmd: don't add node ID to proxied remote node requests for attrd
- Date: Correctly set time from seconds-since-epoch
- PE: Bug cl#5247 - Imply resources running on a container are stopped
when the container is stopped
- xml: Mark xml nodes as dirty if any children move (bsc#942382)
- pengine: The failed action of the resource that occurred in shutdown is
not displayed.
- crmd: Initialize an integer
- crmd: Resolve memory leak in remote_proxy_cb()
- ipc: Do not constantly increase suggested size for PCMK_ipc_buffer every
time we find it's insufficient (bsc#940992)
- log: Change the log of the noise to the trace log.
- tools: Update regression tests
- pengine: Ensure fencing of the DC precedes the STONITH_DONE operation
(bsc#938545)
- ipc: Fix output formats (bsc#940992)
- fencing: Remove unnecessary casts (bsc#940711)
- ipc: Correctly compare values for the size of ipc buffer and prevent
suggesting a negative value when it's insufficient (bsc#940992)
- xml: Reduce severity of noisy log message (bsc#950551)
- crm_resource: Correctly clean up failcounts for inactive anonymous clones
- crm: Set the attribute from remote node.
- stonithd: potential device list corruption
- xml: Prevent use-of-NULL in crm_xml_dump()
- crm_mon: Memory leaks
- pengine: properly handle blocked clone actions
- pengine: Correctly bypass fencing for resources that do not require it
- crmd: memory leaks in recurring operation history
- libcib,libfencing,tools: memory leaks from xmlGetNodePath()
- lrmd: memory leak when freeing command structure
- cts: change the stack from openais (white-tank) to corosync (plugin v0)
in set_stack of environment.py (bsc#936149)
- PE: Ignore comment blocks when unpacking the cib
- lrmd: prevent double free after unregistering stonith device for
monitoring
- pengine: allow guest remote nodes using containers/vms to be nested in a
group resource
- cib: Prevent use-after-free and return -EINVAL when attempting to delete
the whole "/cib" (bsc#934609)
- cib: Prevent use-after-free when invoking "cibadmin --delete-all
--xpath" (bsc#934609)
- fencing: properly decide whether a topology fencing device has been found
- fencing: properly sort peers by number of fencing devices found
- pengine: do not stop notify a fenced node that the rscs on the fenced
node stopped
- pengine: fixes segfault in pengine when fencing remote node
- remote: do not fail operations because of a migration
- pengine: cl#5235 - Prevent graph loops that can be introduced by
"load_stopped -> migrate_to" ordering
- PE: Exclude nodes which don't match any exclusive discovery rules
- lrmd: cancel currently pending STONITH op if stonithd connection is lost
- fencing: Correct the all_topology_devices_found() implementation
- lrmd: set recv timeout upper bound for tls connections
- crmd: handle resources named the same as cluster nodes
- PE: Skip unrunnable actions when one-or-more is in effect
- PE: Ensure recurring monitor operations are cancelled when clone
instances are de-allocated
- fencing: Allow semi-colon delimiter for pcmk_host_list
- Fencing: Gracefully handle invalid metadata from agents (bsc#950375)
- cts: Add back INITDIR variable
- pengine: cl#5130 - Only check the capacities of the nodes that are
allowed to run the resource (fate#313105)
- Tools: Repair expected output for ACLs
- Build: Prevent rpm packaging conflicts
- pengine: cl#5130 - Choose nodes capable of running all the colocated
utilization resources (fate#313105)
- crmd: don't update fail count twice for same failure (bsc#950450)
- crmd: report operation rc as advertised instead of status
- xml: Do not dump deleted attributes (bsc#929960)
- xml: cl#5231 - Unset the deleted attributes in the resulting diffs
(bsc#905641, bsc#967254)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise High Availability Extension 11-SP4:
zypper in -t patch slehasp4-pacemaker-12543=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-pacemaker-12543=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64):
libpacemaker-devel-1.1.12-13.1
libpacemaker3-1.1.12-13.1
pacemaker-1.1.12-13.1
pacemaker-cli-1.1.12-13.1
pacemaker-remote-1.1.12-13.1
sbd-1.2.1-15.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
pacemaker-debuginfo-1.1.12-13.1
pacemaker-debugsource-1.1.12-13.1
sbd-debuginfo-1.2.1-15.1
sbd-debugsource-1.2.1-15.1
References:
https://bugzilla.suse.com/905641
https://bugzilla.suse.com/929960
https://bugzilla.suse.com/934609
https://bugzilla.suse.com/936149
https://bugzilla.suse.com/938545
https://bugzilla.suse.com/940711
https://bugzilla.suse.com/940992
https://bugzilla.suse.com/942382
https://bugzilla.suse.com/942491
https://bugzilla.suse.com/946224
https://bugzilla.suse.com/946332
https://bugzilla.suse.com/947180
https://bugzilla.suse.com/947197
https://bugzilla.suse.com/949267
https://bugzilla.suse.com/949441
https://bugzilla.suse.com/950375
https://bugzilla.suse.com/950415
https://bugzilla.suse.com/950450
https://bugzilla.suse.com/950551
https://bugzilla.suse.com/951171
https://bugzilla.suse.com/953192
https://bugzilla.suse.com/956459
https://bugzilla.suse.com/961392
https://bugzilla.suse.com/962309
https://bugzilla.suse.com/964183
https://bugzilla.suse.com/967254
https://bugzilla.suse.com/967383
https://bugzilla.suse.com/967388
https://bugzilla.suse.com/967775
https://bugzilla.suse.com/967904
https://bugzilla.suse.com/971129
More information about the sle-updates
mailing list