Bug 1569368

Summary: Include CVE fix for glibc and glusterfs
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: Madhu Rajanna <mrajanna>
Component: rhgs-volmanager-containerAssignee: Humble Chirammal <hchiramm>
Status: CLOSED ERRATA QA Contact: Prasanth <pprakash>
Severity: high Docs Contact:
Priority: unspecified    
Version: cns-3.9CC: bmohanra, hchiramm, knarra, madam, rcyriac, rhs-bugs, sankarshan, sarumuga
Target Milestone: ---Keywords: ZStream
Target Release: CNS 3.9 Async   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: rhgs-volmanager-container-3.3.1-8.6 Doc Type: If docs needed, set a value
Doc Text:
This release re-spins Red Hat Gluster Storage vol manager container to include packages with fixes to CVEs at Red Hat Enterprise Linux and glusterfs.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2018-05-08 14:32:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Madhu Rajanna 2018-04-19 07:18:32 UTC 
Description of problem:

The container has to be rebuilt with fixes shipped in the following 2 errata


glibc - CVE-2018-1000001 - https://access.redhat.com/errata/RHSA-2018:0805

glusterfs - CVE-2018-1088 - https://access.redhat.com/errata/RHSA-2018:1136
Comment 4 Prasanth 2018-05-08 11:43:49 UTC 
Verified

################
sh-4.2# cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 7.5 (Maipo)

sh-4.2# cat /etc/redhat-storage-release 
Red Hat Gluster Volume Manager 3.3.1 ( Container)

sh-4.2# rpm -qa |grep glibc
glibc-2.17-222.el7.x86_64
glibc-common-2.17-222.el7.x86_64

sh-4.2# rpm -qa |grep heketi
python-heketi-6.0.0-7.4.el7rhgs.x86_64
heketi-client-6.0.0-7.4.el7rhgs.x86_64
heketi-6.0.0-7.4.el7rhgs.x86_64
################
Comment 7 errata-xmlrpc 2018-05-08 14:32:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1344