On Mon, Jun 11, 2018 at 2:15 PM, Kraus, Dave (GE Healthcare) <[log in to unmask]> wrote: > We seem to be missing at least a couple glusterfs package updates in SL compared to TUV’s security update notification. > > From what I can tell, at least the last couple updates for 6 and 7 have not come through from SL for either the clients or the server sides: > > For CVE-2018-1088: > RHSA-2018:1136 (for SL7) > RHSA-2018:1137 (for SL6) > > For CVE-2018-1112 > RHSA-2018:1268 (for SL6) > RHSA-2018:1269 (for SL7) > > Might want to take a look and see what's going on (or tell me why I'm mistaken, which is more likely...). glusterfs-3.8.4-53.el7 is the latest version available through the regular channel. The newer versions you referenced are available from the RH channel "rh-gluster-3-client-for-rhel-7-server-rpms" but the source code is not available through git.centos.org. You can install and use a newer release of the glusterfs packages maintained by the CentOS Storage SIG. The details are here: https://wiki.centos.org/SpecialInterestGroup/Storage/gluster-Quickstart Akemi