Accepted glusterfs 4.1.5-1~bpo9+1 (source amd64) into stretch-backports

To: debian-backports-changes@lists.debian.org
Subject: Accepted glusterfs 4.1.5-1~bpo9+1 (source amd64) into stretch-backports
From: Patrick Matthäi <pmatthaei@debian.org>
Date: Mon, 24 Sep 2018 09:19:09 +0000
Message-id: <[🔎] E1g4N1J-0001v4-7E@fasolo.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 24 Sep 2018 10:55:43 +0200
Source: glusterfs
Binary: glusterfs-client glusterfs-server glusterfs-common
Architecture: source amd64
Version: 4.1.5-1~bpo9+1
Distribution: stretch-backports
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
 glusterfs-client - clustered file-system (client package)
 glusterfs-common - GlusterFS common libraries and translator modules
 glusterfs-server - clustered file-system (server package)
Closes: 901968 909215
Changes:
 glusterfs (4.1.5-1~bpo9+1) stretch-backports; urgency=medium
 .
   * Rebuild for stretch-backports.
 .
 glusterfs (4.1.5-1) unstable; urgency=high
 .
   * New upstream release.
 .
 glusterfs (4.1.4-1) unstable; urgency=high
 .
   * New upstream release.
     - This release fixes multiple security issues:
       - CVE-2018-10904: Unsanitized file names in debug/io-stats translator can
         allow remote attackers to execute arbitrary code.
       - CVE-2018-10907: Stack-based buffer overflow in server-rpc-fops.c allows
         remote attackers to execute arbitrary code.
       - CVE-2018-10911: Improper deserialization in dict.c:dict_unserialize()
         can allow attackers to read arbitrary memory.
       - CVE-2018-10913: Information Exposure in posix_get_file_contents function
         in posix-helpers.c.
       - CVE-2018-10914: remote denial of service of gluster volumes via
         posix_get_file_contents function in posix-helpers.c.
       - CVE-2018-10923: I/O to arbitrary devices on storage server.
       - CVE-2018-10926: Device files can be created in arbitrary locations.
       - CVE-2018-10927: File status information leak and denial of service.
       - CVE-2018-10928: Improper resolution of symlinks allows for privilege
         escalation.
       - CVE-2018-10929: Arbitrary file creation on storage server allows for
         execution of arbitrary code.
       - CVE-2018-10930: Files can be renamed outside volume.
       Closes: #909215
   * Remove extra documentation file from libdir.
 .
 glusterfs (4.1.3-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.2.1.
   * Adjust lintian overrides.
 .
 glusterfs (4.1.2-1) unstable; urgency=high
 .
   * New upstream release.
     - Fixes CVE-2018-10841: Access trusted peer group via remote-host command.
       Closes: #901968
     - Drop patch 02-shell-syntax-error.
     - Install new gsyncd.conf file.
   * Merge 4.0.2-1~bpo9+1 changelog.
   * Remove trailing whitespace from debian/changelog.
   * Adjust lintian warnings.
   * Bump Standards-Version to 4.1.5.
   * Merge patch 03-spelling-errors into 01-spelling-error.
   * Adjust lintian overrides.
   * Correct patch 04-systemd-fixes. The documentation key is placed in the unit
     section now.
Checksums-Sha1:
 fd777aa8841617b738501ce47c508af3c4649b7d 2185 glusterfs_4.1.5-1~bpo9+1.dsc
 054beafc45576c041fc4c88bdd7f8f4e4a959b45 17728 glusterfs_4.1.5-1~bpo9+1.debian.tar.xz
 315ce3af0d3bd9aea87f391a5b92d678fc1513ca 32720 glusterfs-client-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 0724a4f8bccaa934f9b165dafa9ef94f3e50a498 2360978 glusterfs-client_4.1.5-1~bpo9+1_amd64.deb
 145336d7b42d4a8b71cde614f391b33fd66a4bd7 16360020 glusterfs-common-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 d9a4ef1f35432e8bed325d348bfad93b449e2f5f 5653554 glusterfs-common_4.1.5-1~bpo9+1_amd64.deb
 6a3bf7c4c65e8b4c00f7c6a33fb5e36c8065b077 661998 glusterfs-server-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 78676b040d6ec245df3406baf930596c2c3aeac1 2531366 glusterfs-server_4.1.5-1~bpo9+1_amd64.deb
 5de5b45102073d89f275d24cb92ccc1a8b26e8f3 9839 glusterfs_4.1.5-1~bpo9+1_amd64.buildinfo
Checksums-Sha256:
 4d175f157443a26ee6baad383bb6fd75600da0db532e487f6b6ddaed3939d82f 2185 glusterfs_4.1.5-1~bpo9+1.dsc
 1ce4139e1d0df0b27e2d7fafc394a78616edd1ebc1168ba18efff1bf8e32873a 17728 glusterfs_4.1.5-1~bpo9+1.debian.tar.xz
 da6c518b9a37d3105f31f46fa2909767e8d57da89a925564ba68308211acc0f2 32720 glusterfs-client-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 acde8aa2bb7812372865236224a92ac5af40bbbed5ecb0257392b2ad1e7cee27 2360978 glusterfs-client_4.1.5-1~bpo9+1_amd64.deb
 67f5a8b96bd59f59fc2eb2dc61cafb8d84a88c0bea22916517891d8eb68700f5 16360020 glusterfs-common-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 4207eea8bbc0e32e9982876cb342e3c32e88847ce97e514bf8fe28cd441ecd80 5653554 glusterfs-common_4.1.5-1~bpo9+1_amd64.deb
 40bd13b4e62ca8e50747627f3f700275299dfb7b00b239f19ffd85a444a1bc67 661998 glusterfs-server-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 71354d2d80a79b30cad6d683bb6685318616e48f779ec82904b6480ab7c9227d 2531366 glusterfs-server_4.1.5-1~bpo9+1_amd64.deb
 661d99bf8c8d13697df2074387d118860728c27deb7f6833331330af2bca6b69 9839 glusterfs_4.1.5-1~bpo9+1_amd64.buildinfo
Files:
 ce5292991b4fdafc358535b131a852c5 2185 admin optional glusterfs_4.1.5-1~bpo9+1.dsc
 95e978b90aa3039c239afd2e410c3544 17728 admin optional glusterfs_4.1.5-1~bpo9+1.debian.tar.xz
 7483d2a2bc08a8cb8bea00cf0582e6a2 32720 debug extra glusterfs-client-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 048a4cce467ee2adab802313b1b58b38 2360978 admin optional glusterfs-client_4.1.5-1~bpo9+1_amd64.deb
 9451f39780a0730ec81437f43a4a11eb 16360020 debug extra glusterfs-common-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 a36ead6a5ba959dc3f406dd60b1d4b22 5653554 admin optional glusterfs-common_4.1.5-1~bpo9+1_amd64.deb
 344ca1f60758e781b0f3aa1d231fba2d 661998 debug extra glusterfs-server-dbgsym_4.1.5-1~bpo9+1_amd64.deb
 6bcbe67a5e585d78af9cbee593b18240 2531366 admin optional glusterfs-server_4.1.5-1~bpo9+1_amd64.deb
 6260f049e42cf012a8a8cd678d30de97 9839 admin optional glusterfs_4.1.5-1~bpo9+1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAluoqOEACgkQEtmwSpDL
2OR17g//Yv+p0CpqQQDXrjZsEDLVAzGfgcGTJrtNa/FTEHq1RoookHkt3qkJkaXe
6dt922mR3H58t1Oy3XzkHSdPexHRZqipPpQTyz7jSssDkF8doCRiP8NQ6vPMEbxo
iZWE+VBgCXM9wD7lkfRvjmMO3jqBi8iLGs6M4advMs5V1PvkmhN8mR+l5+anXnvi
9S/fGUF9g+it+Ed2JX/hJDN6OMJKnDcFKPqm8qFRQ3alDtHYCbw+qGex34I9mxTI
tLhs8R0PO5gW0yYv2FOjwioQLFl+M9iGVQtxJCWdpY6355h5BYbHFz8DZKsu5pkN
YyUZZTfRyJJJDY0/j51Ko5++4quR2NB2fldA19iJIf4LKDgoFJ/jMSddkd2QTR65
JctggGZ1mFOc2zQMJMPf97fkVk9IstKecAWpAdTeDiVJGuvHXtVlSWtYt/cC93RL
wOciOguB/6Jrh0tKyvwCk1uor4toyBmeSeHJmVdvRiU7pz+RI/yqU5OtZOC6IJBM
UByAYWfyDHGKPC/Z9aO0mRzuZOb+4ynd8+XUp+SA4hAki3N6mKvqkdD+pYb7X1vz
enGKnsn8fGcTmqQ6cpT6bgqLcufndb+m4mnZXGyZc+4t/KV0DT0XRDLMnggS33sT
cZs3q666XZySmyv8FDB8JZwQyisf3zV02KtPW67H47K4gOCMTMQ=
=aN4w
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted pymodbus 1.5.2+dfsg-2~bpo9+1 (source all) into stretch-backports
Next by Date: Accepted otrs2 6.0.11-1~bpo9+1 (source all) into stretch-backports
Previous by thread: Accepted pymodbus 1.5.2+dfsg-2~bpo9+1 (source all) into stretch-backports
Next by thread: Accepted otrs2 6.0.11-1~bpo9+1 (source all) into stretch-backports
Index(es):
- Date
- Thread