diff options
| -rw-r--r-- | doc/release-notes/3.12.9.md | 32 | 
1 files changed, 32 insertions, 0 deletions
| diff --git a/doc/release-notes/3.12.9.md b/doc/release-notes/3.12.9.md new file mode 100644 index 00000000000..b6d481872c0 --- /dev/null +++ b/doc/release-notes/3.12.9.md @@ -0,0 +1,32 @@ +# Release notes for Gluster 3.12.9 + +This is a bugfix release. The release notes for [3.12.0](3.12.0.md), [3.12.1](3.12.1.md), [3.12.2](3.12.2.md), +[3.12.3](3.12.3.md), [3.12.4](3.12.4.md), [3.12.5](3.12.5.md), [3.12.6](3.12.6.md), [3.12.7](3.12.7.md), and [3.12.8](3.12.8.md) contain a listing of all the new +features that were added and bugs fixed in the GlusterFS 3.12 stable release. + +## Major changes, features and limitations addressed in this release + +This release contains a fix for a security vulerability in Gluster as follows, +- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1088 +- https://nvd.nist.gov/vuln/detail/CVE-2018-1088 + +Installing the updated packages and restarting gluster services, will update the +Gluster shared storage volume volfiles, that are more secure than the defaults +currently in place. + +Further, for increased security, the Gluster shared storage volume can be TLS +enabled, and access to the same restricted using the `auth.ssl-allow` option. +See, this [guide](https://docs.gluster.org/en/v3/Administrator%20Guide/SSL/) for more details. + +## Major issues + +**None** + +## Bugs addressed + +Bugs addressed since release-3.12.8 are listed below. + +- [#1566131](https://bugzilla.redhat.com/1566131): Bringing down data bricks in cyclic order results in arbiter brick becoming the source for heal. +- [#1566820](https://bugzilla.redhat.com/1566820): [Remove-brick] Many files were not migrated from the decommissioned bricks; commit results in data loss +- [#1569407](https://bugzilla.redhat.com/1569407): EIO errors on some operations when volume has mixed brick versions on a disperse volume +- [#1570430](https://bugzilla.redhat.com/1570430): CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled [fedora-all] | 
