[Git][security-tracker-team/security-tracker][master] more gluster commits

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
546579d0 by Moritz Muehlenhoff at 2018-09-20T14:23:46Z
more gluster commits

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15868,7 +15868,7 @@ CVE-2018-10924 (It was discovered that fsync(2) system call in glusterfs client
 CVE-2018-10923 (It was found that the "mknod" call derived from mknod(2) can create ...)
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
-	NOTE: https://review.gluster.org/21069
+	NOTE: https://github.com/gluster/glusterfs/commit/4bafcc97e812acc854dfc436ade35df0308d5a3e
 CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted input file, ...)
 	NOT-FOR-US: ttembed
 CVE-2018-10921 (Certain input files may trigger an integer overflow in ttembed input ...)
@@ -15907,17 +15907,17 @@ CVE-2018-10915 (A vulnerability was found in libpq, the default PostgreSQL clien
 CVE-2018-10914 (It was found that an attacker could issue a xattr request via ...)
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
-	NOTE: https://review.gluster.org/21071
+	NOTE: https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
 CVE-2018-10913 (An information disclosure vulnerability was discovered in glusterfs ...)
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
-	NOTE: https://review.gluster.org/21071
+	NOTE: https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
 CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a infinite loop ...)
 	NOT-FOR-US: Keycloak
 CVE-2018-10911 (A flaw was found in the way dic_unserialize function of glusterfs does ...)
 	- glusterfs 4.1.4-1 (bug #909215)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
-	NOTE: https://review.gluster.org/21067
+	NOTE: https://github.com/gluster/glusterfs/commit/cc3271ebf3aacdbbc77fdd527375af78ab12ea8d
 CVE-2018-10910 [ailure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices]
 	RESERVED
 	- bluez <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/546579d06499ad0a046aba2bcbddd9454a59a7d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/546579d06499ad0a046aba2bcbddd9454a59a7d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180920/8c0f9514/attachment.html>