[Git][security-tracker-team/security-tracker][master] CVE-2018-1088,glusterfs: Wheezy is not affected
Markus Koschany
apo at debian.org
Mon May 14 21:34:55 BST 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6d68f422 by Markus Koschany at 2018-05-14T22:32:47+02:00
CVE-2018-1088,glusterfs: Wheezy is not affected
The glusterfs_shared_storage option was added in 2015 which was after the
release of Debian's version of glusterfs in Wheezy. The vulnerable code to
create and mount a shared volume is not present.
https://github.com/gluster/glusterfs/commit/402589f58cbb350dfedafa83e133664855ed37b2#diff-21659a7d9d296e24dbc868d98ef7a234
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -27150,6 +27150,7 @@ CVE-2018-1089 (389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not ..
NOTE: http://www.openwall.com/lists/oss-security/2018/05/07/2
CVE-2018-1088 (A privilege escalation flaw was found in gluster 3.x snapshot ...)
- glusterfs 4.0.2-1 (bug #896128)
+ [wheezy] - glusterfs <not-affected> (vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1558721
NOTE: https://review.gluster.org/#/c/19899/
NOTE: https://review.gluster.org/#/c/19898/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d68f422a162bdb44fa52e05c74c6b543d587909
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d68f422a162bdb44fa52e05c74c6b543d587909
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180514/9510d630/attachment.html>
More information about the debian-security-tracker-commits
mailing list