Information on source package glusterfs

Available versions

ReleaseVersion
jessie3.5.2-2+deb8u3
jessie (security)3.5.2-2+deb8u5
stretch3.8.8-1
buster5.5-3
sid5.5-3

Open issues

BugjessiestretchbustersidDescription
CVE-2018-14661fixedvulnerablefixedfixedIt was found that usage of snprintf function in feature/locks translat ...
CVE-2018-14660fixedvulnerablefixedfixedA flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...
CVE-2018-14659fixedvulnerablefixedfixedThe Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable ...
CVE-2018-14654fixedvulnerablefixedfixedThe Gluster file system through version 4.1.4 is vulnerable to abuse o ...
CVE-2018-14653fixedvulnerablefixedfixedThe Gluster file system through versions 4.1.4 and 3.12 is vulnerable ...
CVE-2018-14652fixedvulnerablefixedfixedThe Gluster file system through versions 3.12 and 4.1.4 is vulnerable ...
CVE-2018-10930fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_rename_req in glusterfs ser ...
CVE-2018-10929fixedvulnerablefixedfixedA flaw was found in RPC request using gfs2_create_req in glusterfs ser ...
CVE-2018-10928fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_symlink_req in glusterfs se ...
CVE-2018-10927fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_lookup_req in glusterfs ser ...
CVE-2018-10926fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_mknod_req supported by glus ...
CVE-2018-10923fixedvulnerablefixedfixedIt was found that the "mknod" call derived from mknod(2) can create fi ...
CVE-2018-10914fixedvulnerablefixedfixedIt was found that an attacker could issue a xattr request via glusterf ...
CVE-2018-10913fixedvulnerablefixedfixedAn information disclosure vulnerability was discovered in glusterfs se ...
CVE-2018-10911fixedvulnerablefixedfixedA flaw was found in the way dic_unserialize function of glusterfs does ...
CVE-2018-10907fixedvulnerablefixedfixedIt was found that glusterfs server is vulnerable to multiple stack bas ...
CVE-2018-10904fixedvulnerablefixedfixedIt was found that glusterfs server does not properly sanitize file pat ...
CVE-2018-1088fixedvulnerablefixedfixedA privilege escalation flaw was found in gluster 3.x snapshot schedule ...
CVE-2018-10841fixedvulnerablefixedfixedglusterfs is vulnerable to privilege escalation on gluster server node ...

Resolved issues

BugDescription
CVE-2018-14651It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018 ...
CVE-2018-1112glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when usi ...
CVE-2018-10924It was discovered that fsync(2) system call in glusterfs client code l ...
CVE-2017-15096A flaw was found in GlusterFS in versions prior to 3.10. A null pointe ...
CVE-2015-1795Red Hat Gluster Storage RPM Package 3.2 allows local users to gain pri ...
CVE-2014-3619The __socket_proto_state_machine function in GlusterFS 3.5 allows remo ...
CVE-2012-5635The GlusterFS functionality in Red Hat Storage Management Console 2.0, ...
CVE-2012-4417GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local u ...

Security announcements

DSA / DLADescription
DLA-1565-1glusterfs - security update
DLA-1510-1glusterfs - security update

Search for package or bug name: Reporting problems