Type: | SECURITY |
Severity: | MODERATE |
Release Date: | 2013-11-26 |
[1:1.20.11-2]
- Fix CVE-2013-4419: insecure temporary directory handling for
guestfish's network socket
resolves: rhbz#1019737
[1:1.20.11-1]
- Rebase to libguestfs 1.20.11.
resolves: rhbz#958183
- Remove buildnet: builds now detect network automatically.
- The rhel-6.x branches containing the patches used in RHEL are
now stored on a public git repository
(https://github.com/libguestfs/libguestfs/branches).
- Compare spec file to Fedora 18 and fix where necessary.
- Backport new APIs part-get-gpt-type and part-set-gpt-type
resolves: rhbz#965495
- Fix DoS (abort) due to a double free flaw when inspecting certain guest
files / images (CVE-2013-2124)
resolves: rhbz#968337
- libguestfs-devel should depend on an explicit version of
libguestfs-tools-c, in order that the latest package is pulled in.
- Rebuild against Augeas >= 1.0.0-5
resolves: rhbz#971207
- Backport Windows inspection changes
resolves: rhbz#971090
- Add back state test commands to guestfish
resolves: rhbz#971664
- Work around problem with ntfsresize command in RHEL 6
resolves: rhbz#971326
- Fix txz-out API
resolves: rhbz#972413
- Move virt-sysprep to the libguestfs-tools-c package since it's no longer
a shell script
resolves: rhbz#975572
- Fix hostname inspection because of faulty Augeas path expression
resolves: rhbz#975377
- Calculate appliance root correctly when iface drives are added
resolves: rhbz#975760
- Add notes about resizing Windows disk images to virt-resize documentation
resolves: rhbz#975753
- Remove dependency on lsscsi, not available in 6Client
resolves: rhbz#973425
- Fix yum cache copy so it works if there are multiple repos
resolves: rhbz#980502
- Fix hivex-commit API to fail with relative paths
resolves: rhbz#980372
- Better documentation for filesystem-available API
resolves: rhbz#980358
- Fix double free when kernel link fails during launch
resolves: rhbz#983690
- Fix virt-sysprep --firstboot option
resolves: rhbz#988863
- Fix cap-get-file so it returns empty string instead of error on no cap
resolves: rhbz#989352
- Better documentation for acl-set-file
resolves: rhbz#985269
- Fix bogus waitpid error when using guestfish --remote
resolves: rhbz#996825
- Disable 9p support
resolves: rhbz#997884
- Document that guestfish --remote doesn't work with certain other arguments
resolves: rhbz#996039
- Enable kvmclock in the appliance to reduce clock instability
resolves: rhbz#998108
- Fix 'sh' command before mount causes daemon to segfault
resolves: rhbz#1000122
- Various fixes to tar-out 'excludes' (RHBZ#1001875)
- Document use of glob + rsync-out (RHBZ#1001876)
- Document mke2fs blockscount (RHBZ#1002032)
CVE-2013-4419 |
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
Oracle Linux 6 (x86_64) | libguestfs-1.20.11-2.el6.src.rpm | 5124fc7416bb964c9733436a02cf4dfb | ELSA-2017-0564 |
libguestfs-1.20.11-2.el6.x86_64.rpm | a0ba7016e50975b0b6e3de45bc924794 | ELSA-2017-0564 | |
libguestfs-devel-1.20.11-2.el6.x86_64.rpm | 7fcaacf70d58179cd1ca9258a0212e82 | ELSA-2017-0564 | |
libguestfs-java-1.20.11-2.el6.x86_64.rpm | bf7c5572f8c093a46c63c29634f741b4 | ELSA-2017-0564 | |
libguestfs-java-devel-1.20.11-2.el6.x86_64.rpm | 629d6604600586013372ad6110572e23 | ELSA-2017-0564 | |
libguestfs-javadoc-1.20.11-2.el6.x86_64.rpm | eb8eecee28eb931286f8b4333b351154 | ELSA-2017-0564 | |
libguestfs-tools-1.20.11-2.el6.x86_64.rpm | a36e9effe8ac3d9c0e219da41081934d | ELSA-2017-0564 | |
libguestfs-tools-c-1.20.11-2.el6.x86_64.rpm | 97c30266fda1b32ea04f9863b00942ec | ELSA-2017-0564 | |
ocaml-libguestfs-1.20.11-2.el6.x86_64.rpm | b983ce95d9c7a29cec4c301778ce779b | ELSA-2017-0564 | |
ocaml-libguestfs-devel-1.20.11-2.el6.x86_64.rpm | e0848a2aa65c90091966eef427b8b6c7 | ELSA-2017-0564 | |
perl-Sys-Guestfs-1.20.11-2.el6.x86_64.rpm | 74d2807a6ca7274fc796b3c9fa9cf82f | ELSA-2017-0564 | |
python-libguestfs-1.20.11-2.el6.x86_64.rpm | f68c141f3d70d97fe47610d9067d4488 | ELSA-2017-0564 | |
ruby-libguestfs-1.20.11-2.el6.x86_64.rpm | 035dd34c6f643a8bcf47e97f33725272 | ELSA-2017-0564 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team