You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libvirt

Sigurnosni nedostatak programske biblioteke libvirt

openSUSE Security Update: Security update for libvirt
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:2306-1
Rating: moderate
References: #1074014 #1076861 #1079150 #1087416 #1092885
#1094325 #1094480 #1094725 #1095556 #959329

Cross-References: CVE-2018-3639
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves one vulnerability and has 9 fixes is
now available.

Description:

This update for libvirt fixes the following issues:

Security issue fixed:

– CVE-2018-3639: Add support for ‘ssbd’ and ‘virt-ssbd’ CPUID feature bits
to address V4 Speculative Store Bypass aka “Memory Disambiguation”
(bsc#1092885).

Bug fixes:

– bsc#1094325: Enable virsh blockresize for XEN guests (FATE#325467).
– bsc#1095556: Fix qemu VM creating with –boot uefi due to missing
AppArmor profile.
– bsc#1094725: Fix `virsh blockresize` to work with Xen qdisks.
– bsc#1094480: Fix `virsh list` to list domains with `xl list`.
– bsc#1087416: Fix missing video device within guest with default
installation by virt-mamanger.
– bsc#1079150: Fix libvirt-guests start dependency.
– bsc#1076861: Fix locking of lockspace resource
‘/devcfs/disks/uatidmsvn1-xvda’.
– bsc#1074014: Fix KVM live migration when shutting down cluster node.
– bsc#959329: Fix wrong state of VMs in virtual manager.

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-860=1

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

libvirt-3.3.0-18.1
libvirt-admin-3.3.0-18.1
libvirt-admin-debuginfo-3.3.0-18.1
libvirt-client-3.3.0-18.1
libvirt-client-debuginfo-3.3.0-18.1
libvirt-daemon-3.3.0-18.1
libvirt-daemon-config-network-3.3.0-18.1
libvirt-daemon-config-nwfilter-3.3.0-18.1
libvirt-daemon-debuginfo-3.3.0-18.1
libvirt-daemon-driver-interface-3.3.0-18.1
libvirt-daemon-driver-interface-debuginfo-3.3.0-18.1
libvirt-daemon-driver-lxc-3.3.0-18.1
libvirt-daemon-driver-lxc-debuginfo-3.3.0-18.1
libvirt-daemon-driver-network-3.3.0-18.1
libvirt-daemon-driver-network-debuginfo-3.3.0-18.1
libvirt-daemon-driver-nodedev-3.3.0-18.1
libvirt-daemon-driver-nodedev-debuginfo-3.3.0-18.1
libvirt-daemon-driver-nwfilter-3.3.0-18.1
libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-18.1
libvirt-daemon-driver-qemu-3.3.0-18.1
libvirt-daemon-driver-qemu-debuginfo-3.3.0-18.1
libvirt-daemon-driver-secret-3.3.0-18.1
libvirt-daemon-driver-secret-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-3.3.0-18.1
libvirt-daemon-driver-storage-core-3.3.0-18.1
libvirt-daemon-driver-storage-core-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-disk-3.3.0-18.1
libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-iscsi-3.3.0-18.1
libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-logical-3.3.0-18.1
libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-mpath-3.3.0-18.1
libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-scsi-3.3.0-18.1
libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-18.1
libvirt-daemon-driver-uml-3.3.0-18.1
libvirt-daemon-driver-uml-debuginfo-3.3.0-18.1
libvirt-daemon-driver-vbox-3.3.0-18.1
libvirt-daemon-driver-vbox-debuginfo-3.3.0-18.1
libvirt-daemon-hooks-3.3.0-18.1
libvirt-daemon-lxc-3.3.0-18.1
libvirt-daemon-qemu-3.3.0-18.1
libvirt-daemon-uml-3.3.0-18.1
libvirt-daemon-vbox-3.3.0-18.1
libvirt-debugsource-3.3.0-18.1
libvirt-devel-3.3.0-18.1
libvirt-doc-3.3.0-18.1
libvirt-libs-3.3.0-18.1
libvirt-libs-debuginfo-3.3.0-18.1
libvirt-lock-sanlock-3.3.0-18.1
libvirt-lock-sanlock-debuginfo-3.3.0-18.1
libvirt-nss-3.3.0-18.1
libvirt-nss-debuginfo-3.3.0-18.1

– openSUSE Leap 42.3 (x86_64):

libvirt-client-debuginfo-32bit-3.3.0-18.1
libvirt-daemon-driver-libxl-3.3.0-18.1
libvirt-daemon-driver-libxl-debuginfo-3.3.0-18.1
libvirt-daemon-driver-storage-rbd-3.3.0-18.1
libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-18.1
libvirt-daemon-xen-3.3.0-18.1
libvirt-devel-32bit-3.3.0-18.1

References:

https://www.suse.com/security/cve/CVE-2018-3639.html
https://bugzilla.suse.com/1074014
https://bugzilla.suse.com/1076861
https://bugzilla.suse.com/1079150
https://bugzilla.suse.com/1087416
https://bugzilla.suse.com/1092885
https://bugzilla.suse.com/1094325
https://bugzilla.suse.com/1094480
https://bugzilla.suse.com/1094725
https://bugzilla.suse.com/1095556
https://bugzilla.suse.com/959329


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, stjecanje uvećanih ovlasti ili...

Close