[Git][security-tracker-team/security-tracker][master] glusterfs fixed
Moritz Muehlenhoff
jmm at debian.org
Thu Sep 20 14:34:03 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7e974154 by Moritz Muehlenhoff at 2018-09-20T13:33:35Z
glusterfs fixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15828,20 +15828,20 @@ CVE-2018-10931 (It was found that cobbler 2.6.x exposed all functions from its .
- cobbler <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/9
CVE-2018-10930 (A flaw was found in RPC request using gfs3_rename_req in glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612664
NOTE: https://review.gluster.org/21068
CVE-2018-10929 (A flaw was found in RPC request using gfs2_create_req in glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612660
CVE-2018-10928 (A flaw was found in RPC request using gfs3_symlink_req in glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612659
CVE-2018-10927 (A flaw was found in RPC request using gfs3_lookup_req in glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612658
CVE-2018-10926 (A flaw was found in RPC request using gfs3_mknod_req supported by ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1613143
CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 9.6.10, ...)
{DSA-4269-1}
@@ -15861,7 +15861,7 @@ CVE-2018-10924 (It was discovered that fsync(2) system call in glusterfs client
NOTE: Introduced by: http://git.gluster.org/cgit/glusterfs.git/commit/?id=51dfc9c789b8405f595a337eade938aedcb449c4
NOTE: https://review.gluster.org/20723
CVE-2018-10923 (It was found that the "mknod" call derived from mknod(2) can create ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
NOTE: https://review.gluster.org/21069
CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted input file, ...)
@@ -15900,17 +15900,17 @@ CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL clien
NOTE: Fixed in 9.3.24, 9.4.19, 9.5.14, 9.6.10, 10.5
NOTE: https://www.postgresql.org/about/news/1878/
CVE-2018-10914 (It was found that an attacker could issue a xattr request via ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
NOTE: https://review.gluster.org/21071
CVE-2018-10913 (An information disclosure vulnerability was discovered in glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
NOTE: https://review.gluster.org/21071
CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a infinite loop ...)
NOT-FOR-US: Keycloak
CVE-2018-10911 (A flaw was found in the way dic_unserialize function of glusterfs does ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
NOTE: https://review.gluster.org/21067
CVE-2018-10910 [ailure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices]
@@ -15927,7 +15927,7 @@ CVE-2018-10909
CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img on ...)
NOT-FOR-US: ovirt
CVE-2018-10907 (It was found that glusterfs server is vulnerable to multiple stack ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601642
NOTE: https://review.gluster.org/21070
CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is ...)
@@ -15939,7 +15939,7 @@ CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount i
CVE-2018-10905 (CloudForms Management Engine (cfme) is vulnerable to an improper ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2018-10904 (It was found that glusterfs server does not properly sanitize file ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601298
NOTE: https://review.gluster.org/21072
CVE-2018-10903 (A flaw was found in python-cryptography versions between >=1.9.0 and ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e97415404fe978eeb723af3b79f66b2493720ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e97415404fe978eeb723af3b79f66b2493720ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180920/2947c167/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list