===== git log ====
commit deafd5a4f8440fa2a6f54595722e6fd1d4b6ed55
Author: Jiffin Tony Thottan <jthottan@redhat.com>
Date:   Thu Sep 6 21:16:06 2018 +0530

    doc: Release notes for v4.1.4
    
    Change-Id: Idfce8b9ec79303b92045e68ab98765f7e2f98940
    fixes: bz#1623161
    Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>

commit 39db09af1de261ef3b80ce354e8b1b89a599fd40
Author: Amar Tumballi <amarts@redhat.com>
Date:   Wed Sep 5 19:03:08 2018 +0530

    posix: disable open/read/write on special files
    
    In the file system, the responsibility w.r.to the block and char device
    files is related to only support for 'creating' them (using mknod(2)).
    
    Once the device files are created, the read/write syscalls for the specific
    devices are handled by the device driver registered for the specific major
    number, and depending on the minor number, it knows where to read from.
    Hence, we are at risk of reading contents from devices which are handled
    by the host kernel on server nodes.
    
    By disabling open/read/write on the device file, we would be safe with
    the bypass one can achieve from client side (using gfapi)
    
    Fixes: bz#1625096
    
    Change-Id: I48c776b0af1cbd2a5240862826d3d8918601e47f
    Signed-off-by: Amar Tumballi <amarts@redhat.com>

commit 3c66ee967cf7377595c714693e6e9a70861cf822
Author: Amar Tumballi <amarts@redhat.com>
Date:   Tue Jul 24 13:56:56 2018 +0530

    protocol: don't use alloca
    
    current implementation of alloca can cause issues when strings larger
    than the allocated buffer is passed to the xdr. Hence it makes sense
    to allow XDR decode functions to deal with memory allocations, which
    we can free later.
    
    Fixes: bz#1625097
    
    Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94
    Signed-off-by: Amar Tumballi <amarts@redhat.com>


More commit messages for this ChangeLog can be found at
https://forge.gluster.org/glusterfs-core/glusterfs/commits/v4.1.4
