[ MDVSA-2015:211 ] glusterfs

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:211
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : glusterfs
 Date    : April 27, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated glusterfs packages fix security vulnerability:
 
 glusterfs was vulnerable to a fragment header infinite loop denial
 of service attack (CVE-2014-3619).
 
 Also, the glusterfsd SysV init script was failing to properly start
 the service.  This was fixed by replacing it with systemd unit files
 for the service that work properly (mga#14049).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619
 http://advisories.mageia.org/MGA

Leave a Reply