[Git][security-tracker-team/security-tracker][master] more gluster commits

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
546579d0 by Moritz Muehlenhoff at 2018-09-20T14:23:46Z
more gluster commits

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15868,7 +15868,7 @@ CVE-2018-10924 (It was discovered that fsync(2) system 
call in glusterfs client
 CVE-2018-10923 (It was found that the "mknod" call derived from 
mknod(2) can create ...)
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1610659
-       NOTE: https://review.gluster.org/21069
+       NOTE: 
https://github.com/gluster/glusterfs/commit/4bafcc97e812acc854dfc436ade35df0308d5a3e
 CVE-2018-10922 (An input validation flaw exists in ttembed. With a crafted 
input file, ...)
        NOT-FOR-US: ttembed
 CVE-2018-10921 (Certain input files may trigger an integer overflow in ttembed 
input ...)
@@ -15907,17 +15907,17 @@ CVE-2018-10915 (A vulnerability was found in libpq, 
the default PostgreSQL clien
 CVE-2018-10914 (It was found that an attacker could issue a xattr request via 
...)
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607617
-       NOTE: https://review.gluster.org/21071
+       NOTE: 
https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
 CVE-2018-10913 (An information disclosure vulnerability was discovered in 
glusterfs ...)
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1607618
-       NOTE: https://review.gluster.org/21071
+       NOTE: 
https://github.com/gluster/glusterfs/commit/13298d2b3893edb5d147ea3bcb9902ee5be4b3ad
 CVE-2018-10912 (keycloak before version 4.0.0.final is vulnerable to a 
infinite loop ...)
        NOT-FOR-US: Keycloak
 CVE-2018-10911 (A flaw was found in the way dic_unserialize function of 
glusterfs does ...)
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657
-       NOTE: https://review.gluster.org/21067
+       NOTE: 
https://github.com/gluster/glusterfs/commit/cc3271ebf3aacdbbc77fdd527375af78ab12ea8d
 CVE-2018-10910 [ailure in disabling Bluetooth discoverability in certain cases 
may lead to the unauthorized pairing of Bluetooth devices]
        RESERVED
        - bluez <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/546579d06499ad0a046aba2bcbddd9454a59a7d9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/546579d06499ad0a046aba2bcbddd9454a59a7d9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits