1454752 – Update the rhgs image tag which has the cve fix in rpcbind and libtirpc

Bug 1454752 - Update the rhgs image tag which has the cve fix in rpcbind and libtirpc

Summary: Update the rhgs image tag which has the cve fix in rpcbind and libtirpc

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Gluster Storage
Classification:	Red Hat Storage
Component:	cns-deploy-tool
Sub Component:
Version:	cns-3.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Target Release:	CNS 3.5 Async
Assignee:	Mohamed Ashiq
QA Contact:	Prasanth
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-05-23 12:24 UTC by Mohamed Ashiq
Modified:	2018-11-16 16:33 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	An updated rhgs3/rhgs-server-rhel7 Container image has been made available to include the rpcbind and libtirpc packages from RHEL7 with fixes for CVE-2017-8779 https://access.redhat.com/security/cve/CVE-2017-8779 Since the cns-deploy template file points to the rhgs3/rhgs-server-rhel7 image, cns-deploy packages have been updated to include the new build tag of the rhgs3/rhgs-server-rhel7 Container image that has the rpcbind and libtirpc RHEL7 builds with fixes for CVE-2017-8779
Clone Of:
Environment:
Last Closed:	2017-05-30 12:49:42 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:1368	0	normal	SHIPPED_LIVE	cns-deploy-tool bug fix update	2017-05-30 16:49:26 UTC

Description Mohamed Ashiq 2017-05-23 12:24:00 UTC

Description of problem:
Update the rhgs image tag which has the cve fix in rpcbind and libtirpc

Comment 3 Prasanth 2017-05-30 01:36:13 UTC

Verified as fixed in cns-deploy-4.0.0-18.el7rhgs.x86_64


# grep image /usr/share/heketi/templates/glusterfs-template.yaml 
        - image: rhgs3/rhgs-server-rhel7:3.2.0-6

Comment 5 errata-xmlrpc 2017-05-30 12:49:42 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1368

Note You need to log in before you can comment on or make changes to this bug.