[Git][security-tracker-team/security-tracker][master] Add new glusterfs issues

Salvatore Bonaccorso carnil at debian.org
Wed Oct 31 16:46:18 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5da734dd by Salvatore Bonaccorso at 2018-10-31T16:45:56Z
Add new glusterfs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10260,10 +10260,19 @@ CVE-2018-14662
 	RESERVED
 CVE-2018-14661
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1636880
 CVE-2018-14660
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635926
 CVE-2018-14659
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635929
 CVE-2018-14658
 	RESERVED
 CVE-2018-14657
@@ -10277,12 +10286,25 @@ CVE-2018-14655
 	RESERVED
 CVE-2018-14654
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1631576
 CVE-2018-14653
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1633431
 CVE-2018-14652
 	RESERVED
+	- glusterfs <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632974
 CVE-2018-14651
 	RESERVED
+	- glusterfs <unfixed>
+	[stretch] - glusterfs <not-affected> (Incomplete fixes for CVE-2018-109{26,27,28,29,30} not applied)
+	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557
 CVE-2018-14650 (It was discovered that sos-collector does not properly set the default ...)
 	NOT-FOR-US: sos-collector (not same as sosreport itself, additional tool to sosreport)
 CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat Ceph ...)
@@ -20110,26 +20132,31 @@ CVE-2018-10930 (A flaw was found in RPC request using gfs3_rename_req in gluster
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612664
 	NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+	NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
 CVE-2018-10929 (A flaw was found in RPC request using gfs2_create_req in glusterfs ...)
 	{DLA-1510-1}
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612660
 	NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+	NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
 CVE-2018-10928 (A flaw was found in RPC request using gfs3_symlink_req in glusterfs ...)
 	{DLA-1510-1}
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612659
 	NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+	NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
 CVE-2018-10927 (A flaw was found in RPC request using gfs3_lookup_req in glusterfs ...)
 	{DLA-1510-1}
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612658
 	NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+	NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
 CVE-2018-10926 (A flaw was found in RPC request using gfs3_mknod_req supported by ...)
 	{DLA-1510-1}
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1613143
 	NOTE: https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+	NOTE: When fixing this issue make sure to be complete an not open CVE-2018-14651
 CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 9.6.10, ...)
 	{DSA-4269-1}
 	- postgresql-10 10.5-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5da734dd292402eefe1ec91c762bed1706bfc1aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5da734dd292402eefe1ec91c762bed1706bfc1aa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181031/464c00ac/attachment.html>

More information about the debian-security-tracker-commits mailing list