SCIENTIFIC-LINUX-DEVEL Archives

June 2018

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: glusterfs security updates?
From:
Akemi Yagi <[log in to unmask]>
Reply To:
Akemi Yagi <[log in to unmask]>
Date:
Mon, 11 Jun 2018 15:21:00 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (28 lines) 
On Mon, Jun 11, 2018 at 2:15 PM, Kraus, Dave (GE Healthcare)
<[log in to unmask]> wrote:
> We seem to be missing at least a couple glusterfs package updates in SL compared to TUV’s security update notification.
>
> From what I can tell, at least the last couple updates for 6 and 7 have not come through from SL for either the clients or the server sides:
>
> For CVE-2018-1088:
>    RHSA-2018:1136 (for SL7)
>    RHSA-2018:1137 (for SL6)
>
> For CVE-2018-1112
>    RHSA-2018:1268 (for SL6)
>    RHSA-2018:1269 (for SL7)
>
> Might want to take a look and see what's going on (or tell me why I'm mistaken, which is more likely...).

glusterfs-3.8.4-53.el7 is the latest version available through the
regular channel. The newer versions you referenced are available from
the RH channel "rh-gluster-3-client-for-rhel-7-server-rpms" but the
source code is not available through git.centos.org.

You can install and use a newer release of the glusterfs packages
maintained by the CentOS Storage SIG. The details are here:

https://wiki.centos.org/SpecialInterestGroup/Storage/gluster-Quickstart

Akemi

ATOM RSS1 RSS2