Synopsis: Moderate: glusterfs security, bug fix, and
Advisory ID: SLSA-2018:2892-1
Issue Date: 2018-10-09
CVE Numbers: CVE-2018-10911
--
The glusterfs packages have been upgraded to upstream version 3.12.2,
which provides a number of bug fixes over the previous version.
Security Fix(es):
* glusterfs: Improper deserialization in dict.c:dict_unserialize() can
allow attackers to read arbitrary memory (CVE-2018-10911)
--
SL6
x86_64
glusterfs-3.12.2-18.el6.x86_64.rpm
glusterfs-api-3.12.2-18.el6.x86_64.rpm
glusterfs-client-xlators-3.12.2-18.el6.x86_64.rpm
glusterfs-debuginfo-3.12.2-18.el6.x86_64.rpm
glusterfs-fuse-3.12.2-18.el6.x86_64.rpm
glusterfs-libs-3.12.2-18.el6.x86_64.rpm
glusterfs-api-devel-3.12.2-18.el6.x86_64.rpm
glusterfs-cli-3.12.2-18.el6.x86_64.rpm
glusterfs-devel-3.12.2-18.el6.x86_64.rpm
glusterfs-rdma-3.12.2-18.el6.x86_64.rpm
- Scientific Linux Development Team