Skip to content

Release notes for Gluster 4.1.6

This is a bugfix release. The release notes for 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4 and 4.1.5 contains a listing of all the new features that were added and bugs fixed in the GlusterFS 4.1 stable release.

NOTE: Next minor release tentative date: Week of 20th January, 2019

Major changes, features and limitations addressed in this release

This release contains fixes for several security vulnerabilities in Gluster as follows,


Major issues


Bugs addressed

Bugs addressed since release-4.1.5 are listed below.

  • #1632013: georep: hard-coded paths in
  • #1633479: 'df' shows half as much space on volume after upgrade to RHGS 3.4
  • #1633634: split-brain observed on parent dir
  • #1635979: Writes taking very long time leading to system hogging
  • #1635980: Low Random write IOPS in VM workloads
  • #1636218: [SNAPSHOT]: with brick multiplexing, snapshot restore will make glusterd send wrong volfile
  • #1637953: data-self-heal in arbiter volume results in stale locks.
  • #1641761: Spurious failures in bug-1637802-arbiter-stale-data-heal-lock.t
  • #1643052: Seeing defunt translator and discrepancy in volume info when issued from node which doesn't host bricks in that volume
  • #1643075: tests/bugs/glusterd/optimized-basic-testcases-in-cluster.t failing
  • #1643929: geo-rep: gluster-mountbroker status crashes
  • #1644163: geo-rep: geo-replication gets stuck after file rename and gfid conflict
  • #1644474: afr/lease: Read child nodes from lease structure
  • #1644516: geo-rep: gluster-mountbroker status crashes
  • #1644518: [Geo-Replication] Geo-rep faulty sesion because of the directories are not synced to slave.
  • #1644524: Excessive logging in posix_update_utime_in_mdata
  • #1645363: CVE-2018-14652 glusterfs: Buffer overflow in "features/locks" translator allows for denial of service [fedora-all]
  • #1646200: CVE-2018-14654 glusterfs: "features/index" translator can create arbitrary, empty files [fedora-all]
  • #1646806: [Geo-rep]: Faulty geo-rep sessions due to link ownership on slave volume
  • #1647667: CVE-2018-14651 glusterfs: glusterfs server exploitable via symlinks to relative paths [fedora-all]
  • #1647668: CVE-2018-14661 glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service [fedora-all]
  • #1647669: CVE-2018-14659 glusterfs: Unlimited file creation via "GF_XATTR_IOSTATS_DUMP_KEY" xattr allows for denial of service [fedora-all]
  • #1647670: CVE-2018-14653 glusterfs: Heap-based buffer overflow via "gf_getspec_req" RPC message [fedora-all]
  • #1647972: CVE-2018-14660 glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion [fedora-all]
  • #1648367: crash seen while running regression, intermittently.
  • #1648938: gfapi: fix bad dict setting of lease-id
  • #1648982: packaging: don't include in rpm when --without bd