Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in heketi
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in heketi
ID: FEDORA-2017-01ad8b3946
Distribution: Fedora
Plattformen: Fedora 27
Datum: Do, 11. Januar 2018, 07:09
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15104

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-01ad8b3946
2018-01-10 20:51:03.121916
-------------------------------------------------------------------------------
-

Name : heketi
Product : Fedora 27
Version : 5.0.1
Release : 1.fc27
URL : https://github.com/heketi/heketi
Summary : RESTful based volume management framework for GlusterFS
Description :
Heketi provides a RESTful management interface which can be used to manage
the life cycle of GlusterFS volumes. With Heketi, cloud services like
OpenStack Manila, Kubernetes, and OpenShift can dynamically provision
GlusterFS volumes with any of the supported durability types. Heketi
will automatically determine the location for bricks across the cluster,
making sure to place bricks and its replicas across different failure
domains. Heketi also supports any number of GlusterFS clusters, allowing
cloud services to provide network file storage without being limited to a
single GlusterFS cluster.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2017-15103 and CVE-2017-15104
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1510147 - CVE-2017-15103 heketi: OS command injection in heketi
API
https://bugzilla.redhat.com/show_bug.cgi?id=1510147
[ 2 ] Bug #1510149 - CVE-2017-15104 heketi: Information disclosure through
world readable file
https://bugzilla.redhat.com/show_bug.cgi?id=1510149
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade heketi' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung