Release notes for Gluster 3.10.12

This is a bugfix release. The release notes for 3.10.0, 3.10.1, 3.10.2, 3.10.3, 3.10.4, 3.10.5, 3.10.6, 3.10.7, 3.10.8, 3.10.9, 3.10.10 and 3.10.11 contain a listing of all the new features that were added and bugs fixed in the GlusterFS 3.10 stable release.

Major changes, features and limitations addressed in this release

This release contains a fix for a security vulerability in Gluster as follows, - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1088 - https://nvd.nist.gov/vuln/detail/CVE-2018-1088

Installing the updated packages and restarting gluster services, will update the Gluster shared storage volume volfiles, that are more secure than the defaults currently in place.

Further, for increased security, the Gluster shared storage volume can be TLS enabled, and access to the same restricted using the auth.ssl-allow option. See, this guide for more details.

Major issues

  1. Brick multiplexing is being tested and fixed aggressively but we still have a few crashes and memory leaks to fix.

Bugs addressed

Bugs addressed since release-3.10.11 are listed below.

  • #1553777: /var/log/glusterfs/bricks/export_vdb.log flooded with this error message "Not able to add to index [Too many links]"
  • #1555195: [Ganesha] Duplicate volume export entries in ganesha.conf causing volume unexport to fail
  • #1555203: After a replace brick command, self-heal takes some time to start healing files on disperse volumes
  • #1557304: [Glusterd] Volume operations fail on a (tiered) volume because of a stale lock held by one of the nodes
  • #1559352: [Ganesha] : Ganesha crashes while cluster enters failover/failback mode
  • #1561732: Rebalance failures on a dispersed volume with lookup-optimize enabled
  • #1563500: nfs-ganesha: in case pcs cluster setup fails then nfs-ganesha process should not start
  • #1569409: EIO errors on some operations when volume has mixed brick versions on a disperse volume
  • #1570428: CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled [fedora-all]