Red Hat Storage is a software only, scale-out storage solution that
provides flexible and agile unstructured data storage for the enterprise.
Multiple insecure temporary file creation flaws were found in Red Hat
Storage server. A local user on the Red Hat Storage server could use these
flaws to cause arbitrary files to be overwritten as the root user via a
symbolic link attack. (CVE-2013-4157)
These issues were discovered by Gowrishankar Rajaiyan of Red Hat and Kurt
Seifried of the Red Hat Security Response Team.
This update also fixes the following bugs:
Previously, rolling upgrades on a volume caused some processes to abort
which led to a possible corruption of the volume. Yum update aborts with a
message to stop the volume during an update. Now, with this update rolling
upgrades is not supported and it is mandatory to stop the volume before any
‘yum update’. (BZ#998649)
Installing or upgrading the gluster-swift-plugin RPM overwrites
/etc/swift configuration files. Hence, the customer configuration is
overwritten, causing data unavailability. Now, the RPM installs or upgrades
new configuration files with a non-conflicting extension and customer
configuration files are not overwritten, maintaining data availability.
(BZ#997940, BZ#1000423)
This update also adds the following enhancement:
All users of Red Hat Storage are advised to upgrade to these updated
packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | src | gluster-swift-plugin | < 1.0-7 | gluster-swift-plugin-1.0-7.src.rpm |
RedHat | 6 | noarch | appliance-base | < 2.0.6.0-2.el6rhs | appliance-base-2.0.6.0-2.el6rhs.noarch.rpm |
RedHat | 6 | x86_64 | glusterfs-fuse | < 3.3.0.14rhs-1.el6rhs | glusterfs-fuse-3.3.0.14rhs-1.el6rhs.x86_64.rpm |
RedHat | 6 | x86_64 | glusterfs-geo-replication | < 3.3.0.14rhs-1.el6rhs | glusterfs-geo-replication-3.3.0.14rhs-1.el6rhs.x86_64.rpm |
RedHat | 6 | x86_64 | glusterfs | < 3.3.0.14rhs-1.el6rhs | glusterfs-3.3.0.14rhs-1.el6rhs.x86_64.rpm |
RedHat | 6 | x86_64 | glusterfs-devel | < 3.3.0.14rhs-1.el6rhs | glusterfs-devel-3.3.0.14rhs-1.el6rhs.x86_64.rpm |
RedHat | 6 | src | glusterfs | < 3.3.0.14rhs-1.el6rhs | glusterfs-3.3.0.14rhs-1.el6rhs.src.rpm |
RedHat | 6 | src | appliance | < 2.0.6.0-2.el6rhs | appliance-2.0.6.0-2.el6rhs.src.rpm |
RedHat | 6 | x86_64 | glusterfs-debuginfo | < 3.3.0.14rhs-1.el6rhs | glusterfs-debuginfo-3.3.0.14rhs-1.el6rhs.x86_64.rpm |
RedHat | 6 | x86_64 | glusterfs-rdma | < 3.3.0.14rhs-1.el6rhs | glusterfs-rdma-3.3.0.14rhs-1.el6rhs.x86_64.rpm |