Release notes for Gluster 4.0.2
Major changes, features and limitations addressed in this release
This release contains a fix for a security vulerability in Gluster as follows, - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1088 - https://nvd.nist.gov/vuln/detail/CVE-2018-1088
Installing the updated packages and restarting gluster services, will update the Gluster shared storage volume volfiles, that are more secure than the defaults currently in place.
Further, for increased security, the Gluster shared storage volume can be TLS
enabled, and access to the same restricted using the
See, this guide for more details.
No Major issues
Bugs addressed since release-4.0.1 are listed below.
- #1558959: [brick-mux] incorrect event-thread scaling in server_reconfigure()
- #1559079: test ./tests/bugs/ec/bug-1236065.t is generating crash on build
- #1559244: enable ownthread feature for glusterfs4_0_fop_prog
- #1561721: Rebalance failures on a dispersed volume with lookup-optimize enabled
- #1562728: SHD is not healing entries in halo replication
- #1564461: gfapi: fix a couple of minor issues
- #1565654: /var/log/glusterfs/bricks/export_vdb.log flooded with this error message "Not able to add to index [Too many links]"
- #1566822: [Remove-brick] Many files were not migrated from the decommissioned bricks; commit results in data loss
- #1569403: EIO errors on some operations when volume has mixed brick versions on a disperse volume
- #1570432: CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled [fedora-all]