{"id":"OESA-2025-1828","summary":"resource-agents security update","details":"Resource agent is a standardized interface for a cluster resource. In translates a standard set of operations into steps specific to the resource or application, and interprets their results as success or failure.\r\n\r\nSecurity Fix(es):\n\nRequests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one&apos;s Requests Session.(CVE-2024-47081)","modified":"2025-09-03T06:31:14.273772Z","published":"2025-07-11T12:31:11Z","upstream":["CVE-2024-47081"],"database_specific":{"severity":"Medium"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1828"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47081"}],"affected":[{"package":{"name":"resource-agents","ecosystem":"openEuler:24.03-LTS-SP2","purl":"pkg:rpm/openEuler/resource-agents&distro=openEuler-24.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.1-2.oe2403sp2"}]}],"ecosystem_specific":{"aarch64":["ldirectord-4.15.1-2.oe2403sp2.aarch64.rpm","resource-agents-4.15.1-2.oe2403sp2.aarch64.rpm","resource-agents-debuginfo-4.15.1-2.oe2403sp2.aarch64.rpm","resource-agents-debugsource-4.15.1-2.oe2403sp2.aarch64.rpm","resource-agents-help-4.15.1-2.oe2403sp2.aarch64.rpm"],"x86_64":["ldirectord-4.15.1-2.oe2403sp2.x86_64.rpm","resource-agents-4.15.1-2.oe2403sp2.x86_64.rpm","resource-agents-debuginfo-4.15.1-2.oe2403sp2.x86_64.rpm","resource-agents-debugsource-4.15.1-2.oe2403sp2.x86_64.rpm","resource-agents-help-4.15.1-2.oe2403sp2.x86_64.rpm"],"src":["resource-agents-4.15.1-2.oe2403sp2.src.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2025-1828.json"}}],"schema_version":"1.7.3"}