FEDORA-2019-9210998aaa created by crobinso a year ago for Fedora 29
stable
  • CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115)
  • CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114)
  • CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117)
  • CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118)
  • CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide
  • Failed to attache NEW rbd device to guest (bz #1672620)
  • PCI hostdev interface segfault (bz #1692053)

Fix systemd socket permissions (CVE-2019-10132) The virtlockd-admin.socket, virtlogd-admin.sock, virtlockd.socket & virtlogd.socket units must be restarted, if currently running. This can be done with a host reboot or systemctl commands.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-9210998aaa

This update has been submitted for testing by crobinso.

a year ago

This update test gating status has been changed to 'waiting'.

a year ago

This update has obsoleted libvirt-4.7.0-4.fc29, and has inherited its bugs and notes.

a year ago

This update test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by crobinso.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
a year ago
in testing
a year ago
in stable
11 months ago
BZ#1672620 Failed to attache NEW rbd device to guest
0
0
BZ#1692053 PCI hostdev interface segfault
0
0
BZ#1694880 CVE-2019-3886 libvirt: virsh domhostname command discloses guest hostname in readonly mode
0
0
BZ#1706067 CVE-2019-10132 libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter
0
0
BZ#1712498 CVE-2019-10132 libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter [fedora-all]
0
0
BZ#1720114 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
0
0
BZ#1720115 CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
0
0
BZ#1720117 CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API
0
0
BZ#1720118 CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs
0
0
BZ#1722462 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients [fedora-all]
0
0
BZ#1722463 CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API [fedora-all]
0
0
BZ#1722464 CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API [fedora-all]
0
0
BZ#1722466 CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs [fedora-all]
0
0

Automated Test Results