FEDORA-2019-9210998aaa created by crobinso 6 months ago for Fedora 29
stable
  • CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115)
  • CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114)
  • CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117)
  • CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118)
  • CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide
  • Failed to attache NEW rbd device to guest (bz #1672620)
  • PCI hostdev interface segfault (bz #1692053)

Fix systemd socket permissions (CVE-2019-10132) The virtlockd-admin.socket, virtlogd-admin.sock, virtlockd.socket & virtlogd.socket units must be restarted, if currently running. This can be done with a host reboot or systemctl commands.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-9210998aaa

This update has been submitted for testing by crobinso.

6 months ago

This update test gating status has been changed to 'waiting'.

6 months ago

This update has obsoleted libvirt-4.7.0-4.fc29, and has inherited its bugs and notes.

6 months ago

This update test gating status has been changed to 'ignored'.

6 months ago

This update has been pushed to testing.

6 months ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

5 months ago

This update has been submitted for stable by crobinso.

5 months ago

This update has been pushed to stable.

5 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
6 months ago
in testing
6 months ago
in stable
5 months ago
BZ#1672620 Failed to attache NEW rbd device to guest
0
0
BZ#1692053 PCI hostdev interface segfault
0
0
BZ#1694880 CVE-2019-3886 libvirt: virsh domhostname command discloses guest hostname in readonly mode
0
0
BZ#1706067 CVE-2019-10132 libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter
0
0
BZ#1712498 CVE-2019-10132 libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter [fedora-all]
0
0
BZ#1720114 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
0
0
BZ#1720115 CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
0
0
BZ#1720117 CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API
0
0
BZ#1720118 CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs
0
0
BZ#1722462 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients [fedora-all]
0
0
BZ#1722463 CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API [fedora-all]
0
0
BZ#1722464 CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API [fedora-all]
0
0
BZ#1722466 CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs [fedora-all]
0
0

Automated Test Results