Information on source package glusterfs

Available versions

ReleaseVersion
stretch3.8.8-1
buster5.5-3
bullseye9.2-1
bookworm9.4-1
sid9.4-2

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2018-14661vulnerable (no DSA)fixedfixedfixedfixedIt was found that usage of snprintf function in feature/locks translat ...
CVE-2018-14660vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...
CVE-2018-14659vulnerable (no DSA)fixedfixedfixedfixedThe Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable ...
CVE-2018-14654vulnerable (no DSA)fixedfixedfixedfixedThe Gluster file system through version 4.1.4 is vulnerable to abuse o ...
CVE-2018-14653vulnerable (no DSA)fixedfixedfixedfixedThe Gluster file system through versions 4.1.4 and 3.12 is vulnerable ...
CVE-2018-14652vulnerable (no DSA)fixedfixedfixedfixedThe Gluster file system through versions 3.12 and 4.1.4 is vulnerable ...
CVE-2018-10930vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in RPC request using gfs3_rename_req in glusterfs ser ...
CVE-2018-10929vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in RPC request using gfs2_create_req in glusterfs ser ...
CVE-2018-10928vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in RPC request using gfs3_symlink_req in glusterfs se ...
CVE-2018-10927vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in RPC request using gfs3_lookup_req in glusterfs ser ...
CVE-2018-10926vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in RPC request using gfs3_mknod_req supported by glus ...
CVE-2018-10923vulnerable (no DSA)fixedfixedfixedfixedIt was found that the "mknod" call derived from mknod(2) can create fi ...
CVE-2018-10914vulnerable (no DSA)fixedfixedfixedfixedIt was found that an attacker could issue a xattr request via glusterf ...
CVE-2018-10913vulnerable (no DSA)fixedfixedfixedfixedAn information disclosure vulnerability was discovered in glusterfs se ...
CVE-2018-10911vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in the way dic_unserialize function of glusterfs does ...
CVE-2018-10907vulnerable (no DSA)fixedfixedfixedfixedIt was found that glusterfs server is vulnerable to multiple stack bas ...
CVE-2018-10904vulnerable (no DSA)fixedfixedfixedfixedIt was found that glusterfs server does not properly sanitize file pat ...
CVE-2018-10841vulnerable (no DSA)fixedfixedfixedfixedglusterfs is vulnerable to privilege escalation on gluster server node ...
CVE-2018-1088vulnerable (no DSA)fixedfixedfixedfixedA privilege escalation flaw was found in gluster 3.x snapshot schedule ...

Resolved issues

BugDescription
CVE-2018-14651It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018 ...
CVE-2018-10924It was discovered that fsync(2) system call in glusterfs client code l ...
CVE-2018-1112glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when usi ...
CVE-2017-15096A flaw was found in GlusterFS in versions prior to 3.10. A null pointe ...
CVE-2015-1795Red Hat Gluster Storage RPM Package 3.2 allows local users to gain pri ...
CVE-2014-3619The __socket_proto_state_machine function in GlusterFS 3.5 allows remo ...
CVE-2012-5635The GlusterFS functionality in Red Hat Storage Management Console 2.0, ...
CVE-2012-4417GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local u ...

Security announcements

DSA / DLADescription
DLA-1565-1glusterfs - security update
DLA-1510-1glusterfs - security update

Search for package or bug name: Reporting problems