[Git][security-tracker-team/security-tracker][master] Add new glusterfs issues

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5da734dd by Salvatore Bonaccorso at 2018-10-31T16:45:56Z
Add new glusterfs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10260,10 +10260,19 @@ CVE-2018-14662
        RESERVED
 CVE-2018-14661
        RESERVED
+       - glusterfs <unfixed>
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1636880
 CVE-2018-14660
        RESERVED
+       - glusterfs <unfixed>
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635926
 CVE-2018-14659
        RESERVED
+       - glusterfs <unfixed>
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1635929
 CVE-2018-14658
        RESERVED
 CVE-2018-14657
@@ -10277,12 +10286,25 @@ CVE-2018-14655
        RESERVED
 CVE-2018-14654
        RESERVED
+       - glusterfs <unfixed>
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1631576
 CVE-2018-14653
        RESERVED
+       - glusterfs <unfixed>
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1633431
 CVE-2018-14652
        RESERVED
+       - glusterfs <unfixed>
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632974
 CVE-2018-14651
        RESERVED
+       - glusterfs <unfixed>
+       [stretch] - glusterfs <not-affected> (Incomplete fixes for 
CVE-2018-109{26,27,28,29,30} not applied)
+       NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557
 CVE-2018-14650 (It was discovered that sos-collector does not properly set the 
default ...)
        NOT-FOR-US: sos-collector (not same as sosreport itself, additional 
tool to sosreport)
 CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat 
Ceph ...)
@@ -20110,26 +20132,31 @@ CVE-2018-10930 (A flaw was found in RPC request using 
gfs3_rename_req in gluster
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612664
        NOTE: 
https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+       NOTE: When fixing this issue make sure to be complete an not open 
CVE-2018-14651
 CVE-2018-10929 (A flaw was found in RPC request using gfs2_create_req in 
glusterfs ...)
        {DLA-1510-1}
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612660
        NOTE: 
https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+       NOTE: When fixing this issue make sure to be complete an not open 
CVE-2018-14651
 CVE-2018-10928 (A flaw was found in RPC request using gfs3_symlink_req in 
glusterfs ...)
        {DLA-1510-1}
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612659
        NOTE: 
https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+       NOTE: When fixing this issue make sure to be complete an not open 
CVE-2018-14651
 CVE-2018-10927 (A flaw was found in RPC request using gfs3_lookup_req in 
glusterfs ...)
        {DLA-1510-1}
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1612658
        NOTE: 
https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+       NOTE: When fixing this issue make sure to be complete an not open 
CVE-2018-14651
 CVE-2018-10926 (A flaw was found in RPC request using gfs3_mknod_req supported 
by ...)
        {DLA-1510-1}
        - glusterfs 4.1.4-1 (bug #909215)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1613143
        NOTE: 
https://github.com/gluster/glusterfs/commit/9ae986f18c0f251cba6bbc23eae2150a8ce0417e
+       NOTE: When fixing this issue make sure to be complete an not open 
CVE-2018-14651
 CVE-2018-10925 (It was discovered that PostgreSQL versions before 10.5, 
9.6.10, ...)
        {DSA-4269-1}
        - postgresql-10 10.5-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5da734dd292402eefe1ec91c762bed1706bfc1aa

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5da734dd292402eefe1ec91c762bed1706bfc1aa
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits