Skip to content

Release notes for Gluster 5.1

This is a bugfix release. The release notes for 5.0 contains a listing of all the new features that were added and bugs fixed in the GlusterFS 5 stable release.

NOTE: Next minor release tentative date: Week of 10th December, 2018

Major changes, features and limitations addressed in this release

This release contains fixes for several security vulnerabilities in Gluster as follows,


Major issues


Bugs addressed

Bugs addressed since release-5.0 are listed below.

  • #1641429: Gfid mismatch seen on shards when lookup and mknod are in progress at the same time
  • #1641440: [ovirt-gluster] Mount hung and not accessible
  • #1641872: Spurious failures in bug-1637802-arbiter-stale-data-heal-lock.t
  • #1643078: tests/bugs/glusterd/optimized-basic-testcases-in-cluster.t failing
  • #1643402: [Geo-Replication] Geo-rep faulty sesion because of the directories are not synced to slave.
  • #1644158: geo-rep: geo-replication gets stuck after file rename and gfid conflict
  • #1644161: cliutils: geo-rep cliutils' usage of Popen is not python3 compatible
  • #1644314: build/packaging: el-X (x > 7) isms
  • #1644514: geo-rep: On gluster command failure on slave, worker crashes with python3
  • #1644515: geo-rep: gluster-mountbroker status crashes
  • #1644526: Excessive logging in posix_update_utime_in_mdata
  • #1644622: [Stress] : Mismatching iatt in glustershd logs during MTSH and continous IO from Ganesha mounts
  • #1644645: [AFR] : Start crawling indices and healing only if both data bricks are UP in replica 2 (thin-arbiter)
  • #1646204: CVE-2018-14654 glusterfs: "features/index" translator can create arbitrary, empty files [fedora-all]
  • #1646896: [Geo-Replication] Geo-rep faulty sesion because of the directories are not synced to slave.
  • #1647663: CVE-2018-14651 glusterfs: glusterfs server exploitable via symlinks to relative paths [fedora-all]
  • #1647664: CVE-2018-14653 glusterfs: Heap-based buffer overflow via "gf_getspec_req" RPC message [fedora-all]
  • #1647665: CVE-2018-14659 glusterfs: Unlimited file creation via "GF_XATTR_IOSTATS_DUMP_KEY" xattr allows for denial of service [fedora-all]
  • #1647666: CVE-2018-14661 glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service [fedora-all]
  • #1647801: can't enable shared-storage
  • #1647962: CVE-2018-14660 glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion [fedora-all]
  • #1647968: Seeing defunt translator and discrepancy in volume info when issued from node which doesn't host bricks in that volume
  • #1648923: gfapi: fix bad dict setting of lease-id