SCIENTIFIC-LINUX-ERRATA Archives

October 2018

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Scott Reid <[log in to unmask]>
Reply To:
Date:
Wed, 10 Oct 2018 17:36:02 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (30 lines)
Synopsis:          Moderate: glusterfs security, bug fix, and 
Advisory ID:       SLSA-2018:2892-1
Issue Date:        2018-10-09
CVE Numbers:       CVE-2018-10911
--

The glusterfs packages have been upgraded to upstream version 3.12.2,
which provides a number of bug fixes over the previous version.

Security Fix(es):

* glusterfs: Improper deserialization in dict.c:dict_unserialize() can
allow attackers to read arbitrary memory (CVE-2018-10911)
--

SL6
  x86_64
    glusterfs-3.12.2-18.el6.x86_64.rpm
    glusterfs-api-3.12.2-18.el6.x86_64.rpm
    glusterfs-client-xlators-3.12.2-18.el6.x86_64.rpm
    glusterfs-debuginfo-3.12.2-18.el6.x86_64.rpm
    glusterfs-fuse-3.12.2-18.el6.x86_64.rpm
    glusterfs-libs-3.12.2-18.el6.x86_64.rpm
    glusterfs-api-devel-3.12.2-18.el6.x86_64.rpm
    glusterfs-cli-3.12.2-18.el6.x86_64.rpm
    glusterfs-devel-3.12.2-18.el6.x86_64.rpm
    glusterfs-rdma-3.12.2-18.el6.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2