{"schema_version":"1.7.2","id":"OESA-2025-1712","modified":"2025-07-04T14:42:39Z","published":"2025-07-04T14:42:39Z","upstream":["CVE-2024-47081"],"summary":"resource-agents security update","details":"Resource agent is a standardized interface for a cluster resource. In translates a standard set of operations into steps specific to the resource or application, and interprets their results as success or failure.\r\n\r\nSecurity Fix(es):\n\nRequests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one\u0026apos;s Requests Session.(CVE-2024-47081)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP4","name":"resource-agents","purl":"pkg:rpm/openEuler/resource-agents\u0026distro=openEuler-20.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.0-4.oe2003sp4"}]}],"ecosystem_specific":{"aarch64":["ldirectord-4.2.0-4.oe2003sp4.aarch64.rpm","resource-agents-4.2.0-4.oe2003sp4.aarch64.rpm","resource-agents-debuginfo-4.2.0-4.oe2003sp4.aarch64.rpm","resource-agents-debugsource-4.2.0-4.oe2003sp4.aarch64.rpm","resource-agents-help-4.2.0-4.oe2003sp4.aarch64.rpm"],"src":["resource-agents-4.2.0-4.oe2003sp4.src.rpm"],"x86_64":["ldirectord-4.2.0-4.oe2003sp4.x86_64.rpm","resource-agents-4.2.0-4.oe2003sp4.x86_64.rpm","resource-agents-debuginfo-4.2.0-4.oe2003sp4.x86_64.rpm","resource-agents-debugsource-4.2.0-4.oe2003sp4.x86_64.rpm","resource-agents-help-4.2.0-4.oe2003sp4.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1712"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47081"}],"database_specific":{"severity":"Medium"}}