Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1695501 - Respin of rhgs-server container to include libssh2 CVE fixes
Summary: Respin of rhgs-server container to include libssh2 CVE fixes
Keywords:
Status: VERIFIED
Alias: None
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: rhgs-server-container
Version: ocs-3.11
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: OCS 3.11.z Async
Assignee: Saravanakumar
QA Contact: RamaKasturi
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-04-03 09:01 UTC by Saravanakumar
Modified: 2019-04-10 05:14 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
This update re-spins rhgs-server-container image to include libssh2 package update with fixes to CVEs at Red Hat Enterprise Linux 7.
Clone Of:
Environment:
Last Closed:
Target Upstream Version:


Attachments (Terms of Use)

Description Saravanakumar 2019-04-03 09:01:44 UTC
Description of problem:

Respin of rhgs-server container to include libssh2 CVE fixes

Comment 5 RamaKasturi 2019-04-07 18:31:43 UTC
Moving bug to verified state since the see that rhgs-server-container package contains the correct version of libssh which includes the CVE fix.

sh-4.2# rpm -qa | grep libssh
libssh2-1.4.3-12.el7_6.2.x86_64

sh-4.2# cd /root/buildinfo/
sh-4.2# ls
Dockerfile-rhel7-7.6-202.1553789841  Dockerfile-rhgs3-rhgs-server-rhel7-3.11.2-5

sh-4.2# rpm -qa | grep lvm2
lvm2-libs-2.02.180-10.el7_6.2.x86_64
lvm2-2.02.180-10.el7_6.2.x86_64

sh-4.2# rpm -qa | grep systemd
systemd-libs-219-62.el7_6.5.x86_64
systemd-219-62.el7_6.5.x86_64
systemd-sysv-219-62.el7_6.5.x86_64

sh-4.2# rpm -qa --qf='%{name}-%{version}-%{release} %{SIGPGP:pgpsig}\n' | grep -v fd431d5

sh-4.2# rpm -qa | grep glusterfs
glusterfs-api-3.12.2-47.el7rhgs.x86_64
glusterfs-cli-3.12.2-47.el7rhgs.x86_64
glusterfs-fuse-3.12.2-47.el7rhgs.x86_64
glusterfs-geo-replication-3.12.2-47.el7rhgs.x86_64
glusterfs-libs-3.12.2-47.el7rhgs.x86_64
glusterfs-3.12.2-47.el7rhgs.x86_64
glusterfs-client-xlators-3.12.2-47.el7rhgs.x86_64
glusterfs-server-3.12.2-47.el7rhgs.x86_64

sh-4.2# cat /etc/redhat-storage-release 
Red Hat Gluster Storage Server 3.4.4(Container)

Comment 6 Anjana 2019-04-08 10:24:37 UTC
Have updated the doctext. Kindly review.


Note You need to log in before you can comment on or make changes to this bug.