Information on source package glusterfs

Available versions

ReleaseVersion
jessie3.5.2-2+deb8u3
jessie (security)3.5.2-2+deb8u5
stretch3.8.8-1
buster5.1-2
sid5.1-2

Open issues

BugjessiestretchbustersidDescription
CVE-2018-14661fixedvulnerablefixedfixedIt was found that usage of snprintf function in feature/locks ...
CVE-2018-14660fixedvulnerablefixedfixedA flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...
CVE-2018-14659fixedvulnerablefixedfixedThe Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable ...
CVE-2018-14654fixedvulnerablefixedfixedThe Gluster file system through version 4.1.4 is vulnerable to abuse ...
CVE-2018-14653fixedvulnerablefixedfixedThe Gluster file system through versions 4.1.4 and 3.12 is vulnerable ...
CVE-2018-14652fixedvulnerablefixedfixedThe Gluster file system through versions 3.12 and 4.1.4 is vulnerable ...
CVE-2018-10930fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_rename_req in glusterfs ...
CVE-2018-10929fixedvulnerablefixedfixedA flaw was found in RPC request using gfs2_create_req in glusterfs ...
CVE-2018-10928fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_symlink_req in glusterfs ...
CVE-2018-10927fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_lookup_req in glusterfs ...
CVE-2018-10926fixedvulnerablefixedfixedA flaw was found in RPC request using gfs3_mknod_req supported by ...
CVE-2018-10923fixedvulnerablefixedfixedIt was found that the "mknod" call derived from mknod(2) can create ...
CVE-2018-10914fixedvulnerablefixedfixedIt was found that an attacker could issue a xattr request via ...
CVE-2018-10913fixedvulnerablefixedfixedAn information disclosure vulnerability was discovered in glusterfs ...
CVE-2018-10911fixedvulnerablefixedfixedA flaw was found in the way dic_unserialize function of glusterfs does ...
CVE-2018-10907fixedvulnerablefixedfixedIt was found that glusterfs server is vulnerable to multiple stack ...
CVE-2018-10904fixedvulnerablefixedfixedIt was found that glusterfs server does not properly sanitize file ...
CVE-2018-1088fixedvulnerablefixedfixedA privilege escalation flaw was found in gluster 3.x snapshot ...
CVE-2018-10841fixedvulnerablefixedfixedglusterfs is vulnerable to privilege escalation on gluster server ...

Resolved issues

BugDescription
CVE-2018-14651It was found that the fix for CVE-2018-10927, CVE-2018-10928, ...
CVE-2018-1112glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when ...
CVE-2018-10924It was discovered that fsync(2) system call in glusterfs client code ...
CVE-2017-15096A flaw was found in GlusterFS in versions prior to 3.10. A null ...
CVE-2015-1795Red Hat Gluster Storage RPM Package 3.2 allows local users to gain ...
CVE-2014-3619The __socket_proto_state_machine function in GlusterFS 3.5 allows ...
CVE-2012-5635The GlusterFS functionality in Red Hat Storage Management Console 2.0, ...
CVE-2012-4417GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local ...

Security announcements

DSA / DLADescription
DLA-1565-1glusterfs - security update
DLA-1510-1glusterfs - security update

Search for package or bug name: Reporting problems