glusterfs-3.12.2-18.el7

エラータID: AXSA:2019-3587:01

Release date: 
Friday, February 15, 2019 - 14:12
Subject: 
glusterfs-3.12.2-18.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

GlusterFS is a key building block of Asianux Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system.

The following packages have been upgraded to a later upstream version: glusterfs (3.12.2). (BZ#1579734)

Security Fix(es):

* glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory (CVE-2018-10911)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Asianux would like to thank Michael Hanselmann (hansmi.ch) for reporting this issue.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 7.6 Release Notes linked from the References section.

CVE-2018-10911
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.

Solution: 

Update packages.

CVEs: 
CVE-2018-10911
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
Additional Info: 

N/A

Download: 

SRPMS
  1. glusterfs-3.12.2-18.el7.src.rpm
    MD5: 2e8ef4122bdc028ff25717b021aeac6f
    SHA-256: 75a5ba8b9ce515c2d38e5c81d3719b63a3849832bf134556703e73d751d58905
    Size: 9.60 MB

Asianux Server 7 for x86_64
  1. glusterfs-3.12.2-18.el7.x86_64.rpm
    MD5: 15d4630d24c223d7b76706538cc34104
    SHA-256: 80c59d94395df598c703c19cd3ebe0bed89dd8bd7e75d7908355c01f44e0fddd
    Size: 540.86 kB
  2. glusterfs-api-3.12.2-18.el7.x86_64.rpm
    MD5: ecfbcba6660cf98876a6eeb1eb792fe8
    SHA-256: 31600f3cebd614b09a23f8de7b2da1902e4ba3984be9d4cb2d08011c0544695f
    Size: 72.09 kB
  3. glusterfs-cli-3.12.2-18.el7.x86_64.rpm
    MD5: 1af63a5a197f9b53f26fb879b37a4f43
    SHA-256: d71d931b0b7b2206be1a4c03f4fd91f6a6bdb2b09002586167a7d0dadd4312a4
    Size: 174.54 kB
  4. glusterfs-client-xlators-3.12.2-18.el7.x86_64.rpm
    MD5: fef372ad8f0d259917a7397f5a21de63
    SHA-256: 54f9498dd0b382778c3d6bb550ac158c4ea90cbc6aaee40e8722c2b2be642e4a
    Size: 877.09 kB
  5. glusterfs-fuse-3.12.2-18.el7.x86_64.rpm
    MD5: dc24003ab3819491c8e25497ae8411ed
    SHA-256: 7ae9f3ef408cc6155ff253ab0d4f0bf9793e26fe1d34124b77a582d71bff2716
    Size: 116.50 kB
  6. glusterfs-libs-3.12.2-18.el7.x86_64.rpm
    MD5: 37d94ee924d13a255afec5d8280b8f84
    SHA-256: 6b22075eaecba055decc83b7abf537fdcfc0ec5fb4a55c2ea2459063450cb13c
    Size: 376.32 kB
  7. glusterfs-rdma-3.12.2-18.el7.x86_64.rpm
    MD5: 9f615bb94ffff30374e8adfc0092f6ca
    SHA-256: 6730a8c9cdd112b0f31e703bd1693414aaa0ca9534ff1c22d6fca59e477ba67c
    Size: 39.19 kB