[Gluster-users] Question about CVE-2018-10924
Hongzhi, Song
hongzhi.song at windriver.com
Wed Oct 31 01:53:51 UTC 2018
The following link says: the issues just exist in v3.12 series and above.
https://security-tracker.debian.org/tracker/CVE-2018-10924
I have look into the code on v3.11. There is no commit that introduced
the issue.
So I think v3.11 doesn't require the CVE patch.
--Hongzhi
On 10/30/2018 07:20 PM, Hongzhi, Song wrote:
> Hi Pranith,
>
> Do you know which versions have the problem about fsync?
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1611785#c1
>
>
> --Hongzhi
>
> On 10/30/2018 05:20 PM, Hongzhi, Song wrote:
>> Hi Pranith and other friends,
>>
>> Does this CVE apply for glusger-v3.11.1?
>>
>> I applied the patch for v3.11.1. There was an issue that the files
>> was read-only after mounting the volume.
>>
>> When I try to write the file with vim tool, it prompts "Transport
>> endpoint is not connected ".
>>
>> Hopefully waiting for your help.
>>
>> Best Regards,
>> --Hongzhi
>
>
More information about the Gluster-users
mailing list