Release notes for Gluster 3.12.9
This is a bugfix release. The release notes for 3.12.0, 3.12.1, 3.12.2, 3.12.3, 3.12.4, 3.12.5, 3.12.6, 3.12.7, and 3.12.8 contain a listing of all the new features that were added and bugs fixed in the GlusterFS 3.12 stable release.
Major changes, features and limitations addressed in this release
This release contains a fix for a security vulerability in Gluster as follows, - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1088 - https://nvd.nist.gov/vuln/detail/CVE-2018-1088
Installing the updated packages and restarting gluster services, will update the Gluster shared storage volume volfiles, that are more secure than the defaults currently in place.
Further, for increased security, the Gluster shared storage volume can be TLS
enabled, and access to the same restricted using the
See, this guide for more details.
Bugs addressed since release-3.12.8 are listed below.
- #1566131: Bringing down data bricks in cyclic order results in arbiter brick becoming the source for heal.
- #1566820: [Remove-brick] Many files were not migrated from the decommissioned bricks; commit results in data loss
- #1569407: EIO errors on some operations when volume has mixed brick versions on a disperse volume
- #1570430: CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled [fedora-all]