Summary: | <sys-cluster/glusterfs-4.1.8: access trusted peer group via remote-host command (CVE-2018-10841) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Florian Schuhmacher <mynt1aa> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | cluster |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://review.gluster.org/#/c/20328/ | ||
Whiteboard: | B1 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 670088 | ||
Bug Blocks: |
Description
Florian Schuhmacher
2018-06-20 19:49:04 UTC
Upstream patch: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e8d928e34680079e42be6947ffacc4ddd7defca2 Maintainers, please confirm. https://review.gluster.org/#/c/glusterfs/+/20328/ Upstream released 4.1.8... 22 hours ago and the patch is in that release. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ad0e566365b914c27b06a36e7a26209c957511c commit 7ad0e566365b914c27b06a36e7a26209c957511c Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2019-03-28 20:40:20 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2019-03-28 20:43:19 +0000 sys-cluster/glusterfs: bup to fix outstanding security issues * This bump addresses multiple CVEs that have been fixed upstream Bug: https://bugs.gentoo.org/658606 Bug: https://bugs.gentoo.org/664336 Bug: https://bugs.gentoo.org/670088 Signed-off-by: Aaron Bauman <bman@gentoo.org> sys-cluster/glusterfs/Manifest | 1 + sys-cluster/glusterfs/glusterfs-4.1.8.ebuild | 226 +++++++++++++++++++++++++++ 2 files changed, 227 insertions(+) This issue was resolved and addressed in GLSA 201904-06 at https://security.gentoo.org/glsa/201904-06 by GLSA coordinator Aaron Bauman (b-man). |