Bug 1460674 - Update the rhgs image tag which has the CVE fix glibc, nss and sudo.
Update the rhgs image tag which has the CVE fix glibc, nss and sudo.
Status: CLOSED ERRATA
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: cns-deploy-tool (Show other bugs)
cns-3.5
Unspecified Unspecified
urgent Severity urgent
: ---
: CNS 3.5 Async
Assigned To: Mohamed Ashiq
Prasanth
: ZStream
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-12 07:46 EDT by Mohamed Ashiq
Modified: 2017-06-19 15:10 EDT (History)
6 users (show)

See Also:
Fixed In Version: cns-deploy-4.0.0-19
Doc Type: Bug Fix
Doc Text:
An updated rhgs3/rhgs-server-rhel7 and rhgs3/rhgs-volmanager-rhel7 Container images has been made available to include the glibc, sudo, and nss packages from Red Hat Enterprise Linux 7 with fixes for CVE-2017-1000366, CVE-2017-1000364, CVE-2017-7502 and CVE-2017-1000367. https://errata.devel.redhat.com/advisory/28714 https://errata.devel.redhat.com/advisory/28767 https://access.redhat.com/security/cve/CVE-2017-7502 https://access.redhat.com/security/cve/CVE-2017-1000367 Since the cns-deploy template files points to the rhgs3/rhgs-server-rhel7 and rhgs3/rhgs-volmanager-rhel7 image, cns-deploy package have been updated to include the new build tag of the rhgs3/rhgs-server-rhel7 and rhgs3/rhgs-volmanager-rhel7 Container images. This has the glibc, sudo, and nss packages from Red Hat Enterprise Linux 7 with fixes for CVE-2017-1000366, CVE-2017-1000364, CVE-2017-7502 and CVE-2017-1000367.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-06-19 15:10:31 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mohamed Ashiq 2017-06-12 07:46:26 EDT
Description of problem:
Update the rhgs image tag which has the CVE fix glibc, nss and sudo.
Comment 4 Prasanth 2017-06-16 07:10:11 EDT
Verified

#####
#  grep image /usr/share/heketi/templates/glusterfs-template.yaml 
        - image: rhgs3/rhgs-server-rhel7:3.2.0-7

#  grep image /usr/share/heketi/templates/heketi-template.yaml 
          image: rhgs3/rhgs-volmanager-rhel7:3.2.0-11
#####
Comment 6 errata-xmlrpc 2017-06-19 15:10:31 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1512

Note You need to log in before you can comment on or make changes to this bug.