FEDORA-2019-b2dfb13daf created by crobinso a year ago for Fedora 30
stable
  • CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115)
  • CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114)
  • CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117)
  • CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118)
  • CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide
  • Cannot start VM with a CBR 2.0 TPM device (bz #1712556)
  • libvirtd does not update VM .xml configurations after virsh snapshot/blockcommit (bz #1722348)

How to install

sudo dnf upgrade --advisory=FEDORA-2019-b2dfb13daf

This update has been submitted for testing by crobinso.

a year ago

This update test gating status has been changed to 'waiting'.

a year ago

This update test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

12 months ago
User Icon atim provided feedback 12 months ago
karma

crobinso edited this update.

12 months ago
User Icon smithp commented & provided feedback 12 months ago
karma

+1

User Icon frantisekz commented & provided feedback 12 months ago
karma

Works fine

User Icon jlanda provided feedback 11 months ago
karma
User Icon alciregi commented & provided feedback 11 months ago
karma

WFM

User Icon kparal commented & provided feedback 11 months ago
karma

my VMs in virt-manager still work fine

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

11 months ago
karma

This update has been submitted for stable by crobinso.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
7
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
a year ago
in testing
12 months ago
in stable
11 months ago
modified
12 months ago
BZ#1694880 CVE-2019-3886 libvirt: virsh domhostname command discloses guest hostname in readonly mode
0
0
BZ#1696055 CVE-2019-3886 libvirt: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide]
0
0
BZ#1712556 Cannot start VM with a CBR 2.0 TPM device shows message "Failed to create v1 controller cpu for group: No such file or directory"
0
0
BZ#1720114 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
0
0
BZ#1720115 CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
0
0
BZ#1720117 CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API
0
0
BZ#1720118 CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs
0
0
BZ#1722348 libvirtd does not update VM .xml configurations on filesystem after virsh snapshot/blockcommit
0
0
BZ#1722462 CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients [fedora-all]
0
0
BZ#1722463 CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API [fedora-all]
0
0
BZ#1722464 CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API [fedora-all]
0
0
BZ#1722466 CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs [fedora-all]
0
0

Automated Test Results