Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e974154 by Moritz Muehlenhoff at 2018-09-20T13:33:35Z
glusterfs fixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15828,20 +15828,20 @@ CVE-2018-10931 (It was found that cobbler 2.6.x
exposed all functions from its .
- cobbler <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/08/09/9
CVE-2018-10930 (A flaw was found in RPC request using gfs3_rename_req in
glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612664
NOTE: https://review.gluster.org/21068
CVE-2018-10929 (A flaw was found in RPC request using gfs2_create_req in
glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612660
CVE-2018-10928 (A flaw was found in RPC request using gfs3_symlink_req in
glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612659
CVE-2018-10927 (A flaw was found in RPC request using gfs3_lookup_req in
glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612658
CVE-2018-10926 (A flaw was found in RPC request using gfs3_mknod_req supported
by ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1613143
CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5,
9.6.10, ...)
{DSA-4269-1}
@@ -15861,7 +15861,7 @@ CVE-2018-10924 (It was discovered that fsync(2) system
call in glusterfs client
NOTE: Introduced by:
http://git.gluster.org/cgit/glusterfs.git/commit/?id=51dfc9c789b8405f595a337eade938aedcb449c4
NOTE: https://review.gluster.org/20723
CVE-2018-10923 (It was found that the "mknod" call derived from
mknod(2) can create ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
NOTE: https://review.gluster.org/21069
CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted
input file, ...)
@@ -15900,17 +15900,17 @@ CVE-2018-10915 (A vulnerability was found in libpq,
the default PostgreSQL clien
NOTE: Fixed in 9.3.24, 9.4.19, 9.5.14, 9.6.10, 10.5
NOTE: https://www.postgresql.org/about/news/1878/
CVE-2018-10914 (It was found that an attacker could issue a xattr request via
...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
NOTE: https://review.gluster.org/21071
CVE-2018-10913 (An information disclosure vulnerability was discovered in
glusterfs ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
NOTE: https://review.gluster.org/21071
CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a
infinite loop ...)
NOT-FOR-US: Keycloak
CVE-2018-10911 (A flaw was found in the way dic_unserialize function of
glusterfs does ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
NOTE: https://review.gluster.org/21067
CVE-2018-10910 [ailure in disabling Bluetooth discoverability in certain cases
may lead to the unauthorized pairing of Bluetooth devices]
@@ -15927,7 +15927,7 @@ CVE-2018-10909
CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img
on ...)
NOT-FOR-US: ovirt
CVE-2018-10907 (It was found that glusterfs server is vulnerable to multiple
stack ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601642
NOTE: https://review.gluster.org/21070
CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount
is ...)
@@ -15939,7 +15939,7 @@ CVE-2018-10906 (In fuse before versions 2.9.8 and 3.x
before 3.2.5, fusermount i
CVE-2018-10905 (CloudForms Management Engine (cfme) is vulnerable to an
improper ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2018-10904 (It was found that glusterfs server does not properly sanitize
file ...)
- - glusterfs <unfixed> (bug #909215)
+ - glusterfs 4.1.4-1 (bug #909215)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601298
NOTE: https://review.gluster.org/21072
CVE-2018-10903 (A flaw was found in python-cryptography versions between
>=1.9.0 and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e97415404fe978eeb723af3b79f66b2493720ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7e97415404fe978eeb723af3b79f66b2493720ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
