Red Hat Product Errata RHSA-2018:1955 - Security Advisory

Issued:: 2018-06-20
Updated:: 2018-06-20

RHSA-2018:1955 - Security Advisory

Overview
Updated Packages

Synopsis

Important: glusterfs security update

Type/Severity

Security Advisory: Important

Topic

An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GlusterFS is a key building block of Red Hat Gluster Storage. It is based
on a stackable user-space design and can deliver exceptional performance
for diverse workloads. GlusterFS aggregates various storage servers over
network interconnections into one large, parallel network file system.

Security Fix:

glusterfs: access trusted peer group via remote-host command
(CVE-2018-10841)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Gluster Storage Server for On-premise 3 for RHEL 6 x86_64

Fixes

BZ - 1582043 - CVE-2018-10841 glusterfs: access trusted peer group via remote-host command

CVEs

CVE-2018-10841

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
glusterfs-3.8.4-54.11.el6.src.rpm	SHA-256: 8fb9e7c22a9455483028bef1ad934e952c68e9493f16976021bfd82fef331ecf
x86_64
glusterfs-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 29d9705aae9da76642887fe36e2061768581dca5aae7eec3b909ef8e7529bbde
glusterfs-api-3.8.4-54.11.el6.x86_64.rpm	SHA-256: a06bdc9de1f395d158c8d439391ad0a80c83a10dc8e86633932af5ca64e30402
glusterfs-api-devel-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 01e2b9cd59b6c340d3bf2e12dab219e628dd705880a1204da3da7e65fd2a9276
glusterfs-cli-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 978b575f605750d1b6997fc7f525814903b624be7f0dbe7afea027d0ee49fb9e
glusterfs-client-xlators-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 278e28ab33c29b630ce911eeb6d7885194576fa95eba604af2c938fb73cd8f36
glusterfs-debuginfo-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 153cbc9d8294d262a9381332f1421e2167a79a3cf8b3b1379c9abbf60681b139
glusterfs-devel-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 15e69c33838885aa126624e9e736a1b77fb9c1afa744b82454963cb7997a1511
glusterfs-fuse-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 15286e54faf8525699a1bdb15f119f73d06d43d64ffb2cfdbbb320543fd5c320
glusterfs-libs-3.8.4-54.11.el6.x86_64.rpm	SHA-256: 8af37eb2586b80fc077d5c0acbb7f28c018cc20a6161dd8821188d507cdf9141
glusterfs-rdma-3.8.4-54.11.el6.x86_64.rpm	SHA-256: b8978626f159024f3f81403fbdc284dfac63ce268b7ce291ff11b7a7d2f25434
python-gluster-3.8.4-54.11.el6.noarch.rpm	SHA-256: 51a2f7a1fdceca459b8468dfac1ddf5bd78ccaf9d0c82f800b10e0e29148eb15

Red Hat Gluster Storage Server for On-premise 3 for RHEL 6

SRPM
glusterfs-3.8.4-54.11.el6rhs.src.rpm	SHA-256: e9b374c90fbfa149d8acc9c46721c5eb54fdcad1effdfccfa29ecb7a3fe61266
x86_64
glusterfs-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: c21f7efddbe3fde143e122460859416ac993518c4f5d40ff044017b26088ecc9
glusterfs-api-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 0ce8e6e80cbfbe299e9f31047e9715c33e1233e6f505443bc19e53d42fd597fc
glusterfs-api-devel-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: cd1ff860ca6e8d2a0885581627b139d0daa244342ad6f96115f8426327eec7ed
glusterfs-cli-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: d6e231803706d3f3b642f186ddf18341ac3663ea09b50a3634e961bd7815801b
glusterfs-client-xlators-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: b0021bce769eaad5dfc83ee3933b8df4017b9c8a9c7f4fc70c34e673d970f1ca
glusterfs-debuginfo-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 06e72b758d451e744c2182df06d8d9382a60b7ab18f5bc6187adee6edf987271
glusterfs-devel-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 5c530f564805b14eb0661d0f267baa8783514de3470ab50a4ce89affa17539a5
glusterfs-events-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 4cf4b8d805a9b3e9724284184203f266f9a8360564a4e27b7bd796e56df540e5
glusterfs-fuse-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: d7cbf25b2843edcfb7d6b54a9cdaa165802c71bda57a85103c3ed061fb549975
glusterfs-ganesha-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 45a96b1061ee386d8c16cc20b4e240dd9dd60a49def7d0ac0713a04b394524ed
glusterfs-geo-replication-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 4162769dbda0ec817bc5b762dc17c1905631bc3e8d80da2880900cd6286c30af
glusterfs-libs-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 7fd35d1a2506b8e276edd01b030fea98007b2b4096b29c113fde137c09b177a2
glusterfs-rdma-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 95a54403c052ff687b2183615a38e612f1ea7e467e8ed19cd0161d0ce9c9fe7f
glusterfs-server-3.8.4-54.11.el6rhs.x86_64.rpm	SHA-256: 856accae3b2eed8f96c99efd7e4445f95af5d26280938f576b878f95591d5720
python-gluster-3.8.4-54.11.el6rhs.noarch.rpm	SHA-256: ce060f63c8cd3a429530a8636f3049c0efdeaf68c909bbe513162672adffff93

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories