ELSA-2018-3113

ELSA-2018-3113 - libvirt security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2018-11-05

Description


[4.5.0-10]
- conf: correct false boot order error during domain parse (rhbz#1601318)

[4.5.0-9]
- virDomainDefCompatibleDevice: Relax alias change check (rhbz#1621910)
- virDomainDetachDeviceFlags: Clarify update semantics (rhbz#1621910)
- virDomainNetDefCheckABIStability: Check for MTU change too (rhbz#1623157)

[4.5.0-8]
- storage: Add --shrink to qemu-img command when shrinking vol (rhbz#1613746)
- access: Fix nwfilter-binding ACL access API name generation (rhbz#1611320)
- qemu: mdev: Use vfio-pci 'display' property only with vfio-pci mdevs (rhbz#1624735)

[4.5.0-7]
- qemu_migration: Avoid writing to freed memory (rhbz#1593137)
- qemu: hotplug: Fix asynchronous unplug of 'shmem' (rhbz#1618622)
- tests: rename hugepages to hugepages-default (rhbz#1591235)
- tests: extract hugepages-numa-default-dimm out of hugepages-numa (rhbz#1591235)
- tests: rename hugepages-numa into hugepages-numa-default (rhbz#1591235)
- tests: remove unnecessary XML elements from hugepages-numa-default (rhbz#1591235)
- tests: extract pages-discard out of hugepages-pages (rhbz#1591235)
- tests: rename hugepages-pages into hugepages-numa-nodeset (rhbz#1591235)
- tests: rename hugepages-pages2 into hugepages-numa-default-2M (rhbz#1591235)
- tests: extract pages-discard-hugepages out of hugepages-pages3 (rhbz#1591235)
- tests: rename hugepages-pages3 into hugepages-numa-nodeset-part (rhbz#1591235)
- tests: rename hugepages-pages4 into hugepages-numa-nodeset-nonexist (rhbz#1591235)
- tests: rename hugepages-pages5 into hugepages-default-2M (rhbz#1591235)
- tests: rename hugepages-pages6 into hugepages-default-system-size (rhbz#1591235)
- tests: rename hugepages-pages7 into pages-dimm-discard (rhbz#1591235)
- tests: rename hugepages-pages8 into hugepages-nodeset-nonexist (rhbz#1591235)
- tests: introduce hugepages-default-1G-nodeset-2M (rhbz#1591235)
- tests: introduce hugepages-nodeset (rhbz#1591235)
- conf: Move hugepage XML validation check out of qemu_command (rhbz#1591235)
- conf: Move hugepages validation out of XML parser (rhbz#1591235)
- conf: Introduce virDomainDefPostParseMemtune (rhbz#1591235)
- tests: sev: Test launch-security with specific QEMU version (rhbz#1612009)
- qemu: Fix probing of AMD SEV support (rhbz#1612009)
- qemu: caps: Format SEV platform data into qemuCaps cache (rhbz#1612009)

[4.5.0-6]
- qemu: Exempt video model 'none' from getting a PCI address on Q35 (rhbz#1609087)
- conf: Fix a error msg typo in virDomainVideoDefValidate (rhbz#1607825)

[4.5.0-5]
- esx storage: Fix typo lsilogic -> lsiLogic (rhbz#1571759)
- networkGetDHCPLeases: Dont always report error if unable to read leases file (rhbz#1600468)
- nwfilter: Resolve SEGV for NWFilter Snoop processing (rhbz#1599973)
- qemu: Remove unused bypassSecurityDriver from qemuOpenFileAs (rhbz#1589115)
- qemuDomainSaveMemory: Dont enforce dynamicOwnership (rhbz#1589115)
- domain_nwfilter: Return early if net has no name in virDomainConfNWFilterTeardownImpl (rhbz#1607831)
- examples: Add clean-traffic-gateway into nwfilters (rhbz#1603115)

[4.5.0-4]
- qemu: hotplug: dont overwrite error message in qemuDomainAttachNetDevice (rhbz#1598311)
- qemu: hotplug: report error when changing rom enabled attr for net iface (rhbz#1599513)
- qemu: Fix setting global_period cputune element (rhbz#1600427)
- tests: qemucaps: Add test data for upcoming qemu 3.0.0 (rhbz#1475770)
- qemu: capabilities: Add capability for werror/rerror for 'usb-device' frontend (rhbz#1475770)
- qemu: command: Move graphics iteration to its own function (rhbz#1475770)
- qemu: address: Handle all the video devices within a single loop (rhbz#1475770)
- conf: Introduce virDomainVideoDefClear helper (rhbz#1475770)
- conf: Introduce virDomainDefPostParseVideo helper (rhbz#1475770)
- qemu: validate: Enforce compile time switch type checking for videos (rhbz#1475770)
- tests: Add capabilities data for QEMU 2.11 x86_64 (rhbz#1475770)
- tests: Update capabilities data for QEMU 3.0.0 x86_64 (rhbz#1475770)
- qemu: qemuBuildHostdevCommandLine: Use a helper variable mdevsrc (rhbz#1475770)
- qemu: caps: Introduce a capability for egl-headless (rhbz#1475770)
- qemu: Introduce a new graphics display type 'headless' (rhbz#1475770)
- qemu: caps: Add vfio-pci.display capability (rhbz#1475770)
- conf: Introduce virDomainGraphicsDefHasOpenGL helper (rhbz#1475770)
- conf: Replace 'error' with 'cleanup' in virDomainHostdevDefParseXMLSubsys (rhbz#1475770)
- conf: Introduce new attribute 'display' (rhbz#1475770)
- qemu: command: Enable formatting vfio-pci.display option onto cmdline (rhbz#1475770)
- docs: Rephrase the mediated devices hostdev section a bit (rhbz#1475770)
- conf: Introduce new video type 'none' (rhbz#1475770)
- virt-xml-validate: Add schema for nwfilterbinding (rhbz#1600330)
- tools: Fix typo generating adapter_wwpn field (rhbz#1601377)
- src: Fix memory leak in virNWFilterBindingDispose (rhbz#1603025)

[4.5.0-3]
- qemu: hotplug: Do not try to add secret object for TLS if it does not exist (rhbz#1598015)
- qemu: monitor: Make qemuMonitorAddObject more robust against programming errors (rhbz#1598015)
- spec: Explicitly require matching libvirt-libs (rhbz#1600122)
- virDomainConfNWFilterInstantiate: initialize @xml to avoid random crash (rhbz#1599545)
- qemuProcessStartPRDaemonHook: Try to set NS iff domain was started with one (rhbz#1470007)
- qemuDomainValidateStorageSource: Relax PR validation (rhbz#1470007)
- virStoragePRDefFormat: Suppress path formatting for migratable XML (rhbz#1470007)
- qemu: Wire up PR_MANAGER_STATUS_CHANGED event (rhbz#1470007)
- qemu_monitor: Introduce qemuMonitorJSONGetPRManagerInfo (rhbz#1470007)
- qemu: Fetch pr-helper process info on reconnect (rhbz#1470007)
- qemu: Fix ATTRIBUTE_NONNULL for qemuMonitorAddObject (rhbz#1598015)
- virsh.pod: Fix a command name typo in nwfilter-binding-undefine (rhbz#1600329)
- docs: schema: Add missing to vsock device (rhbz#1600345)
- virnetdevtap: Dont crash on !ifname in virNetDevTapInterfaceStats (rhbz#1595184)

[4.5.0-2]
- qemu: Add capability for the HTM pSeries feature (rhbz#1525599)
- conf: Parse and format the HTM pSeries feature (rhbz#1525599)
- qemu: Format the HTM pSeries feature (rhbz#1525599)
- qemu: hotplug: Dont access srcPriv when its not allocated (rhbz#1597550)
- qemuDomainNestedJobAllowed: Allow QEMU_JOB_NONE (rhbz#1598084)
- src: Mention DEVICE_REMOVAL_FAILED event in virDomainDetachDeviceAlias docs (rhbz#1598087)
- virsh.pod: Drop --persistent for detach-device-alias (rhbz#1598087)
- qemu: dont use chardev FD passing with standalone args (rhbz#1598281)
- qemu: remove chardevStdioLogd param from vhostuser code path (rhbz#1597940)
- qemu: consolidate parameters of qemuBuildChrChardevStr into flags (rhbz#1597940)
- qemu: dont use chardev FD passing for vhostuser backend (rhbz#1597940)
- qemu: fix UNIX socket chardevs operating in client mode (rhbz#1598440)
- qemuDomainDeviceDefValidateNetwork: Check for range only if IP prefix set (rhbz#1515533)

[4.5.0-1]
- Rebased to libvirt-4.5.0 (rhbz#1563169)
- The rebase also fixes the following bugs:
rhbz#1291851, rhbz#1393106, rhbz#1468422, rhbz#1469338, rhbz#1526382
rhbz#1529059, rhbz#1541921, rhbz#1544869, rhbz#1552092, rhbz#1568407
rhbz#1583623, rhbz#1584091, rhbz#1585108, rhbz#1586027, rhbz#1588295
rhbz#1588336, rhbz#1589730, rhbz#1590214, rhbz#1591017, rhbz#1591561
rhbz#1591628, rhbz#1591645, rhbz#1593549

[4.4.0-2]
- build: Dont install sysconfig files as scripts (rhbz#1563169)

[4.4.0-1]
- Rebased to libvirt-4.4.0 (rhbz#1563169)
- The rebase also fixes the following bugs:
rhbz#1149445, rhbz#1291851, rhbz#1300772, rhbz#1400475, rhbz#1456165
rhbz#1470007, rhbz#1480668, rhbz#1534418, rhbz#1549531, rhbz#1559284
rhbz#1559835, rhbz#1560946, rhbz#1566416, rhbz#1569861, rhbz#1572491
rhbz#1574089, rhbz#1576916, rhbz#1583484, rhbz#1583927, rhbz#1584071
rhbz#1584073

[4.3.0-1]
- Rebased to libvirt-4.3.0 (rhbz#1563169)
- The rebase also fixes the following bugs:
rhbz#1509870, rhbz#1530451, rhbz#1577920, rhbz#1283700, rhbz#1425757
rhbz#1448149, rhbz#1454709, rhbz#1502754, rhbz#1507737, rhbz#1519130
rhbz#1519146, rhbz#1522706, rhbz#1523564, rhbz#1524399, rhbz#1525496
rhbz#1527740, rhbz#1550980, rhbz#916061, rhbz#1494454, rhbz#1515533
rhbz#1532542, rhbz#1538570, rhbz#1544325, rhbz#1544659, rhbz#1546971
rhbz#1347550, rhbz#1367238, rhbz#1483816, rhbz#1543775, rhbz#1551000
rhbz#1552127, rhbz#1553075, rhbz#1553085, rhbz#1554876, rhbz#1556828
rhbz#1558317, rhbz#1425058, rhbz#1490158, rhbz#1492597, rhbz#1520821
rhbz#1529256, rhbz#1547250, rhbz#1557769, rhbz#1560917, rhbz#1560976
rhbz#1568148, rhbz#1569678, rhbz#1576464


Related CVEs


CVE-2018-6764

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) libvirt-4.5.0-10.el7.src.rpm7b9f57271a35965bcb9948dc23067883ELBA-2021-9111
libvirt-4.5.0-10.el7.x86_64.rpm6beb25f9275dd0875c8aaa1e72270ecdELBA-2021-9111
libvirt-admin-4.5.0-10.el7.x86_64.rpm9502db16b97c8cdbffba2f7e9327b975ELBA-2021-9111
libvirt-bash-completion-4.5.0-10.el7.x86_64.rpm6b8fb5435cbb5ee7b2f90bc60de1e1ddELBA-2021-9111
libvirt-client-4.5.0-10.el7.i686.rpm5894c3575c85247317d334efb6da9c54ELBA-2021-9111
libvirt-client-4.5.0-10.el7.x86_64.rpm98ee9d9c23be6c6f05dfe7ff4726b08bELBA-2021-9111
libvirt-daemon-4.5.0-10.el7.x86_64.rpmfebf661731e49b4d9faf3e08054ed177ELBA-2021-9111
libvirt-daemon-config-network-4.5.0-10.el7.x86_64.rpm777a58f33a84a1e938966b549b7026b6ELBA-2021-9111
libvirt-daemon-config-nwfilter-4.5.0-10.el7.x86_64.rpm36c2f3c172f5b6ab3f07b88bf878023bELBA-2021-9111
libvirt-daemon-driver-interface-4.5.0-10.el7.x86_64.rpm96f5e8d1ed98a85d62fdc2634b209bd6ELBA-2021-9111
libvirt-daemon-driver-lxc-4.5.0-10.el7.x86_64.rpmfebb5c7229c14e67b1dc208eee02288aELBA-2021-9111
libvirt-daemon-driver-network-4.5.0-10.el7.x86_64.rpm68cd158f74d70776847bd7774ef0a87cELBA-2021-9111
libvirt-daemon-driver-nodedev-4.5.0-10.el7.x86_64.rpmaa45670c53497b418b3fe106a59eabb0ELBA-2021-9111
libvirt-daemon-driver-nwfilter-4.5.0-10.el7.x86_64.rpm00a967a9f3f87e99c460d0ea5e79772bELBA-2021-9111
libvirt-daemon-driver-qemu-4.5.0-10.el7.x86_64.rpm61abc5ed0f55521db87a60a3a76f956eELBA-2021-9111
libvirt-daemon-driver-secret-4.5.0-10.el7.x86_64.rpmf6c1836f5de8d7c9529d4bd43bf1d954ELBA-2021-9111
libvirt-daemon-driver-storage-4.5.0-10.el7.x86_64.rpme29f7dca6c5a8c3f77a2ca2db652e159ELBA-2021-9111
libvirt-daemon-driver-storage-core-4.5.0-10.el7.x86_64.rpm0d94b0d52d335c41b7f2cccf735366fbELBA-2021-9111
libvirt-daemon-driver-storage-disk-4.5.0-10.el7.x86_64.rpma5dd48f8cbe1fff3fb8b54389f768147ELBA-2021-9111
libvirt-daemon-driver-storage-gluster-4.5.0-10.el7.x86_64.rpm446d446ef1e6f209637d439458b42846ELBA-2021-9111
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7.x86_64.rpmc872af5c609aaf3051b7e0862d846412ELBA-2021-9111
libvirt-daemon-driver-storage-logical-4.5.0-10.el7.x86_64.rpm527a54014d2be45a8f7c3c2a5c69b235ELBA-2021-9111
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7.x86_64.rpmaf43669f1ef393af1f9fcb4671cea49fELBA-2021-9111
libvirt-daemon-driver-storage-rbd-4.5.0-10.el7.x86_64.rpm527bc9c332eb85548a67d4bd9e8510a5ELBA-2021-9111
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7.x86_64.rpm72ae68974b583aa50db066758c23b75bELBA-2021-9111
libvirt-daemon-kvm-4.5.0-10.el7.x86_64.rpmf5cc9d8e678a11a3839087091cb3da46ELBA-2021-9111
libvirt-daemon-lxc-4.5.0-10.el7.x86_64.rpme03500566557ed7f915360a84f81cba8ELBA-2021-9111
libvirt-devel-4.5.0-10.el7.i686.rpm59b606268f2e4e04502372b28642845aELBA-2021-9111
libvirt-devel-4.5.0-10.el7.x86_64.rpmf9ca251f60bb762ea6c08824028e729aELBA-2021-9111
libvirt-docs-4.5.0-10.el7.x86_64.rpm5d352574a740a2a44675003457b8db9fELBA-2021-9111
libvirt-libs-4.5.0-10.el7.i686.rpm9ab0fb6ba6a225faf59e4b58125ce4f6ELBA-2021-9111
libvirt-libs-4.5.0-10.el7.x86_64.rpmb7d8db1c7cf9bd37f601bf12f0330c6dELBA-2021-9111
libvirt-lock-sanlock-4.5.0-10.el7.x86_64.rpm7256e80ff1719d92fcddf9fd6f061724ELBA-2021-9111
libvirt-login-shell-4.5.0-10.el7.x86_64.rpmae65e738c22b82ef0044c54c76db507aELBA-2021-9111
libvirt-nss-4.5.0-10.el7.i686.rpme0230dfbb315ba821da4615ec010bfcfELBA-2021-9111
libvirt-nss-4.5.0-10.el7.x86_64.rpma25e0485f6f28572acba53b2e724bddcELBA-2021-9111



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete