Red Hat Security Advisory 2017-0486-01 - Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. The following packages have been upgraded to a later upstream version: glusterfs, redhat-storage-server, vdsm. Multiple security issues have been addressed.
05ccadb8422bd3f3bd16a938142cda7e5d16ceec2b9a6a2f0b766b2576986aac
Red Hat Security Advisory 2017-0484-01 - Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. The following packages have been upgraded to a later upstream version: glusterfs, redhat-storage-server. Security Fix: It was found that glusterfs-server RPM package would write file with predictable name into world readable /tmp directory. A local attacker could potentially use this flaw to escalate their privileges to root by modifying the shell script during the installation of the glusterfs-server package.
f55745c1c56b6870c72ef634e35e43e73968d259386e81442eb712f07853319a