[Git][security-tracker-team/security-tracker][master] CVE-2018-10841,glusterfs: Jessie is not affected.
Markus Koschany
apo at debian.org
Thu Jun 21 17:23:59 BST 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bd080a28 by Markus Koschany at 2018-06-21T18:17:20+02:00
CVE-2018-10841,glusterfs: Jessie is not affected.
There is no option to check for management encryption in glusterd thus the
vulnerable code is not present.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4405,6 +4405,7 @@ CVE-2018-10842
NOT-FOR-US: Keycloak
CVE-2018-10841 (glusterfs is vulnerable to privilege escalation on gluster server ...)
- glusterfs <unfixed> (bug #901968)
+ [jessie] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://review.gluster.org/#/c/20328/
NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e8d928e34680079e42be6947ffacc4ddd7defca2
CVE-2018-10840 [ext4: correctly handle a zero-length xattr with a non-zero e_value_offs]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd080a2834fc3daafdc2a6ced5d22e56629d782e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd080a2834fc3daafdc2a6ced5d22e56629d782e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180621/24d91eaa/attachment.html>
More information about the debian-security-tracker-commits
mailing list