Bug 1460674

Summary: Update the rhgs image tag which has the CVE fix glibc, nss and sudo.
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: Mohamed Ashiq <mliyazud>
Component: cns-deploy-toolAssignee: Mohamed Ashiq <mliyazud>
Status: CLOSED ERRATA QA Contact: Prasanth <pprakash>
Severity: urgent Docs Contact:
Priority: urgent    
Version: cns-3.5CC: bmohanra, hchiramm, jarrpa, knarra, pprakash, rcyriac, rhs-bugs
Target Milestone: ---Keywords: ZStream
Target Release: CNS 3.5 Async   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: cns-deploy-4.0.0-19 Doc Type: Bug Fix
Doc Text:
An updated rhgs3/rhgs-server-rhel7 and rhgs3/rhgs-volmanager-rhel7 Container images has been made available to include the glibc, sudo, and nss packages from Red Hat Enterprise Linux 7 with fixes for CVE-2017-1000366, CVE-2017-1000364, CVE-2017-7502 and CVE-2017-1000367. https://errata.devel.redhat.com/advisory/28714 https://errata.devel.redhat.com/advisory/28767 https://access.redhat.com/security/cve/CVE-2017-7502 https://access.redhat.com/security/cve/CVE-2017-1000367 Since the cns-deploy template files points to the rhgs3/rhgs-server-rhel7 and rhgs3/rhgs-volmanager-rhel7 image, cns-deploy package have been updated to include the new build tag of the rhgs3/rhgs-server-rhel7 and rhgs3/rhgs-volmanager-rhel7 Container images. This has the glibc, sudo, and nss packages from Red Hat Enterprise Linux 7 with fixes for CVE-2017-1000366, CVE-2017-1000364, CVE-2017-7502 and CVE-2017-1000367.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-06-19 19:10:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mohamed Ashiq 2017-06-12 11:46:26 UTC 
Description of problem:
Update the rhgs image tag which has the CVE fix glibc, nss and sudo.
Comment 4 Prasanth 2017-06-16 11:10:11 UTC 
Verified

#####
#  grep image /usr/share/heketi/templates/glusterfs-template.yaml 
        - image: rhgs3/rhgs-server-rhel7:3.2.0-7

#  grep image /usr/share/heketi/templates/heketi-template.yaml 
          image: rhgs3/rhgs-volmanager-rhel7:3.2.0-11
#####
Comment 6 errata-xmlrpc 2017-06-19 19:10:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1512