The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.
Security Fix(es):
cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves (CVE-2026-26007)
pyjwt: PyJWT accepts unknown crit header extensions (RFC 7515 ?4.1.11 MUST violation) (CVE-2026-32597)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
0:4.10.0-98.el9_7.12Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:NI:HA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N