[Git][security-tracker-team/security-tracker][master] Track fixes via unstable in 5.1-1 for glusterfs issues

Salvatore Bonaccorso carnil at debian.org
Thu Nov 15 19:41:36 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
220bf0a8 by Salvatore Bonaccorso at 2018-11-15T19:40:01Z
Track fixes via unstable in 5.1-1 for glusterfs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11635,13 +11635,13 @@ CVE-2018-14662
 	RESERVED
 CVE-2018-14661 (It was found that usage of snprintf function in feature/locks ...)
 	{DLA-1565-1}
-	- glusterfs <unfixed> (bug #912997)
+	- glusterfs 5.1-1 (bug #912997)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1636880
 	NOTE: https://review.gluster.org/#/c/glusterfs/+/21532/
 	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=74dbf0a9aac4b960832029ec122685b5b5009127
 CVE-2018-14660 (A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 ...)
-	- glusterfs <unfixed> (bug #912997)
+	- glusterfs 5.1-1 (bug #912997)
 	[jessie] - glusterfs <not-affected> (vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635926
@@ -11649,7 +11649,7 @@ CVE-2018-14660 (A flaw was found in glusterfs server through versions 4.1.4 and
 	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=c2c70552188ee1b15bb748b4f2272062505c7696
 CVE-2018-14659 (The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable ...)
 	{DLA-1565-1}
-	- glusterfs <unfixed> (bug #912997)
+	- glusterfs 5.1-1 (bug #912997)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635929
 	NOTE: https://review.gluster.org/#/c/glusterfs/+/21530/
@@ -11666,7 +11666,7 @@ CVE-2018-14656 (A missing address check in the callers of the show_opcodes() in
 CVE-2018-14655 (A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. ...)
 	NOT-FOR-US: Keycloak
 CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to abuse ...)
-	- glusterfs <unfixed> (bug #912997)
+	- glusterfs 5.1-1 (bug #912997)
 	[jessie] - glusterfs <not-affected> (vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1631576
@@ -11675,7 +11675,7 @@ CVE-2018-14654 (The Gluster file system through version 4.1.4 is vulnerable to a
 	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=dc775c4ae052d1e9d0f61ace3be999f73f0ffa23 (release-5)
 CVE-2018-14653 (The Gluster file system through versions 4.1.4 and 3.12 is vulnerable ...)
 	{DLA-1565-1}
-	- glusterfs <unfixed> (bug #912997)
+	- glusterfs 5.1-1 (bug #912997)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1633431
 	NOTE: https://review.gluster.org/#/c/glusterfs/+/21528/
@@ -11691,7 +11691,7 @@ CVE-2018-14652 (The Gluster file system through versions 3.12 and 4.1.4 is vulne
 	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e2c195712a9ecbda4fa02f5308138a1257a2558a
 CVE-2018-14651 (It was found that the fix for CVE-2018-10927, CVE-2018-10928, ...)
 	{DLA-1565-1}
-	- glusterfs <unfixed> (bug #912997)
+	- glusterfs 5.1-1 (bug #912997)
 	[stretch] - glusterfs <not-affected> (Incomplete fixes for CVE-2018-109{26,27,28,29,30} not applied)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/220bf0a836fa497aa443628807f0992d6c1b6e49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/220bf0a836fa497aa443628807f0992d6c1b6e49
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181115/0cacfc4b/attachment.html>

More information about the debian-security-tracker-commits mailing list