From c12ded9ebf41c1f3bacda98a20b165a413740b2e Mon Sep 17 00:00:00 2001 From: ShyamsundarR Date: Wed, 14 Nov 2018 11:03:08 -0500 Subject: doc: Release notes for 5.1 release of GlusterFS Change-Id: I526bf9bfd889dd7aea19f71059042cd9a993e1d0 Signed-off-by: ShyamsundarR Fixes: bz#1640685 --- doc/release-notes/5.1.md | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 doc/release-notes/5.1.md diff --git a/doc/release-notes/5.1.md b/doc/release-notes/5.1.md new file mode 100644 index 00000000000..a583a54cc8f --- /dev/null +++ b/doc/release-notes/5.1.md @@ -0,0 +1,51 @@ +# Release notes for Gluster 5.1 + +This is a bugfix release. The release notes for [5.0](5.0.md) contains a listing of +all the new features that were added and bugs fixed in the GlusterFS 5 stable +release. + +**NOTE:** Next minor release tentative date: Week of 10th December, 2018 + +## Major changes, features and limitations addressed in this release + +This release contains fixes for several security vulnerabilities in Gluster as +follows, +- https://nvd.nist.gov/vuln/detail/CVE-2018-14651 +- https://nvd.nist.gov/vuln/detail/CVE-2018-14652 +- https://nvd.nist.gov/vuln/detail/CVE-2018-14653 +- https://nvd.nist.gov/vuln/detail/CVE-2018-14654 +- https://nvd.nist.gov/vuln/detail/CVE-2018-14659 +- https://nvd.nist.gov/vuln/detail/CVE-2018-14660 +- https://nvd.nist.gov/vuln/detail/CVE-2018-14661 + +## Major issues + +**None** + +## Bugs addressed + +Bugs addressed since release-5.0 are listed below. + +- [#1641429](https://bugzilla.redhat.com/1641429): Gfid mismatch seen on shards when lookup and mknod are in progress at the same time +- [#1641440](https://bugzilla.redhat.com/1641440): [ovirt-gluster] Mount hung and not accessible +- [#1641872](https://bugzilla.redhat.com/1641872): Spurious failures in bug-1637802-arbiter-stale-data-heal-lock.t +- [#1643078](https://bugzilla.redhat.com/1643078): tests/bugs/glusterd/optimized-basic-testcases-in-cluster.t failing +- [#1643402](https://bugzilla.redhat.com/1643402): [Geo-Replication] Geo-rep faulty sesion because of the directories are not synced to slave. +- [#1644158](https://bugzilla.redhat.com/1644158): geo-rep: geo-replication gets stuck after file rename and gfid conflict +- [#1644161](https://bugzilla.redhat.com/1644161): cliutils: geo-rep cliutils' usage of Popen is not python3 compatible +- [#1644314](https://bugzilla.redhat.com/1644314): build/packaging: el-X (x > 7) isms +- [#1644514](https://bugzilla.redhat.com/1644514): geo-rep: On gluster command failure on slave, worker crashes with python3 +- [#1644515](https://bugzilla.redhat.com/1644515): geo-rep: gluster-mountbroker status crashes +- [#1644526](https://bugzilla.redhat.com/1644526): Excessive logging in posix_update_utime_in_mdata +- [#1644622](https://bugzilla.redhat.com/1644622): [Stress] : Mismatching iatt in glustershd logs during MTSH and continous IO from Ganesha mounts +- [#1644645](https://bugzilla.redhat.com/1644645): [AFR] : Start crawling indices and healing only if both data bricks are UP in replica 2 (thin-arbiter) +- [#1646204](https://bugzilla.redhat.com/1646204): CVE-2018-14654 glusterfs: "features/index" translator can create arbitrary, empty files [fedora-all] +- [#1646896](https://bugzilla.redhat.com/1646896): [Geo-Replication] Geo-rep faulty sesion because of the directories are not synced to slave. +- [#1647663](https://bugzilla.redhat.com/1647663): CVE-2018-14651 glusterfs: glusterfs server exploitable via symlinks to relative paths [fedora-all] +- [#1647664](https://bugzilla.redhat.com/1647664): CVE-2018-14653 glusterfs: Heap-based buffer overflow via "gf_getspec_req" RPC message [fedora-all] +- [#1647665](https://bugzilla.redhat.com/1647665): CVE-2018-14659 glusterfs: Unlimited file creation via "GF_XATTR_IOSTATS_DUMP_KEY" xattr allows for denial of service [fedora-all] +- [#1647666](https://bugzilla.redhat.com/1647666): CVE-2018-14661 glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service [fedora-all] +- [#1647801](https://bugzilla.redhat.com/1647801): can't enable shared-storage +- [#1647962](https://bugzilla.redhat.com/1647962): CVE-2018-14660 glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion [fedora-all] +- [#1647968](https://bugzilla.redhat.com/1647968): Seeing defunt translator and discrepancy in volume info when issued from node which doesn't host bricks in that volume +- [#1648923](https://bugzilla.redhat.com/1648923): gfapi: fix bad dict setting of lease-id -- cgit