Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6d68f422 by Markus Koschany at 2018-05-14T22:32:47+02:00 CVE-2018-1088,glusterfs: Wheezy is not affected The glusterfs_shared_storage option was added in 2015 which was after the release of Debian's version of glusterfs in Wheezy. The vulnerable code to create and mount a shared volume is not present. https://github.com/gluster/glusterfs/commit/402589f58cbb350dfedafa83e133664855ed37b2#diff-21659a7d9d296e24dbc868d98ef7a234 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -27150,6 +27150,7 @@ CVE-2018-1089 (389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not .. NOTE: http://www.openwall.com/lists/oss-security/2018/05/07/2 CVE-2018-1088 (A privilege escalation flaw was found in gluster 3.x snapshot ...) - glusterfs 4.0.2-1 (bug #896128) + [wheezy] - glusterfs <not-affected> (vulnerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1558721 NOTE: https://review.gluster.org/#/c/19899/ NOTE: https://review.gluster.org/#/c/19898/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d68f422a162bdb44fa52e05c74c6b543d587909 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d68f422a162bdb44fa52e05c74c6b543d587909 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
