Oracle Errata System
Oracle Linux
5.3
2021-09-09T12:48:39
ELSA-2019-4714: libvirt security update (IMPORTANT)
Oracle Linux 7
[5.0.0-9.el7]
- qemu: remove cpuhostmask and cpuguestmask from virCaps structure (Wim ten
Have) [Orabug: 29956508]
[5.0.0-8.el7]
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (Jan Tomko) [Orabug: 29955742] {CVE-2019-10161}
- domain: Define explicit flags for saved image xml (Eric Blake) [Orabug: 29955742]
- api: disallow virDomainManagedSaveDefineXML on read-only connections (Jan Tomko) [Orabug: 29955742] {CVE-2019-10166}
- api: disallow virConnectGetDomainCapabilities on read-only connections (Jan Tomko) [Orabug: 29955742] {CVE-2019-10167}
- api: disallow virConnect*HypervisorCPU on read-only connections (Jan Tomko) [Orabug: 29955742] {CVE-2019-10168}
[5.0.0-7.el7]
- cpu_map: Define md-clear CPUID bit (Jiri Denemark) [Orabug: 29874181]
{CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}
[5.0.0-6.el7]
- qemu: Driver change adding private lock to auto-tune hugepages (Wim ten Have)
[Orabug: 29809943]
[5.0.0-5.el7]
- qemu: disable setmem change requests for vNUMA targets (Wim ten Have) [Orabug: 29797366]
- domain: Disable memballoon memory configuration support for vNUMA guests (Wim ten Have) [Orabug: 29797366]
- qemu: Driver change to target for vNUMA setmaxmem change request (Wim ten Have) [Orabug: 29749852]
- domain: Add domain memory config support for vNUMA guests (Wim ten Have) [Orabug: 29749852]
- logging: restrict sockets to mode 0600 (Daniel P. Berrange) [Orabug: 29861433] {CVE-2019-10132}
- locking: restrict sockets to mode 0600 (Daniel P. Berrange) [Orabug: 29861433] {CVE-2019-10132}
- admin: reject clients unless their UID matches the current UID (Daniel P. Berrange) [Orabug: 29861433] {CVE-2019-10132}
IMPORTANT
Copyright 2019 Oracle, Inc.
CVE-2018-12126
CVE-2018-12130
CVE-2018-12127
CVE-2019-11091
CVE-2019-10167
CVE-2019-10168
CVE-2019-10161
CVE-2019-10166
libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-qemu
libvirt-nss
libvirt-daemon-driver-storage-core
libvirt-daemon-driver-nwfilter
libvirt-login-shell
libvirt-daemon-driver-lxc
libvirt-devel
libvirt-daemon-qemu
libvirt-daemon-lxc
libvirt-daemon
libvirt-daemon-config-nwfilter
libvirt-daemon-driver-storage
libvirt-daemon-driver-interface
libvirt-daemon-config-network
libvirt-daemon-driver-storage-disk
libvirt-admin
libvirt-bash-completion
libvirt-daemon-driver-storage-scsi
libvirt-client
libvirt
libvirt-daemon-driver-network
libvirt-daemon-driver-storage-mpath
libvirt-docs
libvirt-lock-sanlock
libvirt-daemon-driver-storage-gluster
oraclelinux-release
libvirt-libs
libvirt-daemon-kvm
libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-iscsi
libvirt-daemon-driver-secret
libvirt-daemon-driver-nodedev
72f97b74ec551f03
^7
aarch64
0:5.0.0-9.el7
x86_64