Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.2962 libvirt security, bug fix, and enhancement update 7 August 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libvirt Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 7 Red Hat Enterprise Linux WS/Desktop 7 Impact/Access: Denial of Service -- Existing Account Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-3840 Reference: ESB-2019.1295 ESB-2019.0838 Original Bulletin: https://access.redhat.com/errata/RHSA-2019:2294 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: libvirt security, bug fix, and enhancement update Advisory ID: RHSA-2019:2294-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2294 Issue date: 2019-08-06 CVE Names: CVE-2019-3840 ===================================================================== 1. Summary: An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function (CVE-2019-3840) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, libvirtd will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1501450 - Race starting multiple libvirtd user sessions at the same time 1558558 - Enhance detection of host CPU model to avoid guesses based on fea.ture list length 1584663 - [RFE] Add functionality to virsh to mount nfs shares using commands like mountvers, nosuid, nodev. 1592737 - Cannot use a xml file with XML declaration as a input of cpu-compare 1594266 - virt-xml-validate validate fails for volume having backing file 1609454 - nwfilter-binding-create succeed on interface which does not exist 1609720 - Starting VM without source configured for pci-serial device caused libvirtd crash 1612943 - Wrong RESUME event after I/O error 1613737 - Allow the inputvol to be encrypted when creating a volume from another volume 1615680 - Improve --adapter-parent-wwnn,--adapter-parent-wwpn and --adapter-parent-fabric-wwn info for pool-define-as in man page 1628469 - libvirt uses incorrect method to detect that KVM is working 1628892 - Permission denied when start guest with egl-headless display 1631606 - Create luks vol failed when give the user access control for storage-vol API 1631622 - guest with an interface referred to nwfilter killed by libvirt when restart libvirtd with access driver enabled 1632711 - [RHEL] VMs on gluster storage domain can't be migrated 1632833 - scsi host device passthrough limits IO writes 1633077 - domxml-to-native should treat --xml as the default option 1633389 - libvirt creating qemu channels with the wrong permissions 1640465 - [RHHI] Hosted Engine migration fails in gluster storage domain 1641702 - check tsc scaling fea-ture of destination host on migration 1647365 - VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY is never used in postcopy migration 1652894 - when create vhba without indicating wwpn/wwnn, libvirt will generate duplicated ones 1656360 - when <shareable/> removed from scsi hostdev xml, related chardev's unpriv_sgio not set back to zero. 1657468 - different behaviors when create storage pool via NPIV in RHEL7.5 and RHEL7.6 1658198 - libvirt sends VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED event too soon (before it has finished tearing down the device's resources and objects) 1658406 - mode="host-model" VMs include broken "arch-facilities" flag name [libvirt] 1658652 - Missing librbd1 dependecy for libvirt-daemon-driver-storage-rbd is causing problem with RHEL host upgrade 1660531 - Garbled output on memory locking failure 1663051 - libvirtd encountered sigsegv due to null pointer in virJSONValueObjectHasKey() 1665228 - CVE-2019-3840 libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function 1665474 - libvirt segfaults with vfio-pci hostdev device 1665553 - Unable to migrate VM's using ceph storage - Unsafe migration: Migration without shared storage is unsafe 1669581 - libvirtd crash when hotplug 'block' type 'lun' device disk without 'sgio' setting to guest 1669586 - Cannot passthrough a iscsi lun to vm as a hostdev device 1672957 - [RHEL 7.7] [libvirt] Backport 07c9d6601 ("qemu: use line breaks in command line args written to log") 1683175 - Don't emit a log error message if ovs-vsctl doesn't support a particular statistic type on a vif 1690122 - RFE: backport upstream patches for polling buffers/caches from balloon driver 1690703 - Fails to query domjobinfo when do snapshot 1691358 - Network filters are not honouring explicitly listed parameters for MAC 1692296 - Attaching a device with a taken address succeeds 1703661 - 'cannot set CPU affinity' error when starting guest 1716387 - internal error: Failed to parse bitmap '' when starting guest 1718172 - NULL pointer access in qemuProcessInitCpuAffinity() 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libvirt-4.5.0-23.el7.src.rpm x86_64: libvirt-4.5.0-23.el7.x86_64.rpm libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm libvirt-client-4.5.0-23.el7.i686.rpm libvirt-client-4.5.0-23.el7.x86_64.rpm libvirt-daemon-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-libs-4.5.0-23.el7.i686.rpm libvirt-libs-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libvirt-admin-4.5.0-23.el7.x86_64.rpm libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-devel-4.5.0-23.el7.i686.rpm libvirt-devel-4.5.0-23.el7.x86_64.rpm libvirt-docs-4.5.0-23.el7.x86_64.rpm libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm libvirt-login-shell-4.5.0-23.el7.x86_64.rpm libvirt-nss-4.5.0-23.el7.i686.rpm libvirt-nss-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libvirt-4.5.0-23.el7.src.rpm x86_64: libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm libvirt-client-4.5.0-23.el7.i686.rpm libvirt-client-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-libs-4.5.0-23.el7.i686.rpm libvirt-libs-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libvirt-4.5.0-23.el7.x86_64.rpm libvirt-admin-4.5.0-23.el7.x86_64.rpm libvirt-daemon-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-devel-4.5.0-23.el7.i686.rpm libvirt-devel-4.5.0-23.el7.x86_64.rpm libvirt-docs-4.5.0-23.el7.x86_64.rpm libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm libvirt-login-shell-4.5.0-23.el7.x86_64.rpm libvirt-nss-4.5.0-23.el7.i686.rpm libvirt-nss-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libvirt-4.5.0-23.el7.src.rpm ppc64: libvirt-4.5.0-23.el7.ppc64.rpm libvirt-bash-completion-4.5.0-23.el7.ppc64.rpm libvirt-client-4.5.0-23.el7.ppc.rpm libvirt-client-4.5.0-23.el7.ppc64.rpm libvirt-daemon-4.5.0-23.el7.ppc64.rpm libvirt-daemon-config-network-4.5.0-23.el7.ppc64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-network-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.ppc64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.ppc64.rpm libvirt-debuginfo-4.5.0-23.el7.ppc.rpm libvirt-debuginfo-4.5.0-23.el7.ppc64.rpm libvirt-devel-4.5.0-23.el7.ppc.rpm libvirt-devel-4.5.0-23.el7.ppc64.rpm libvirt-docs-4.5.0-23.el7.ppc64.rpm libvirt-libs-4.5.0-23.el7.ppc.rpm libvirt-libs-4.5.0-23.el7.ppc64.rpm ppc64le: libvirt-4.5.0-23.el7.ppc64le.rpm libvirt-bash-completion-4.5.0-23.el7.ppc64le.rpm libvirt-client-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-config-network-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-network-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-kvm-4.5.0-23.el7.ppc64le.rpm libvirt-debuginfo-4.5.0-23.el7.ppc64le.rpm libvirt-devel-4.5.0-23.el7.ppc64le.rpm libvirt-docs-4.5.0-23.el7.ppc64le.rpm libvirt-libs-4.5.0-23.el7.ppc64le.rpm s390x: libvirt-4.5.0-23.el7.s390x.rpm libvirt-bash-completion-4.5.0-23.el7.s390x.rpm libvirt-client-4.5.0-23.el7.s390.rpm libvirt-client-4.5.0-23.el7.s390x.rpm libvirt-daemon-4.5.0-23.el7.s390x.rpm libvirt-daemon-config-network-4.5.0-23.el7.s390x.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-network-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.s390x.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.s390x.rpm libvirt-daemon-kvm-4.5.0-23.el7.s390x.rpm libvirt-debuginfo-4.5.0-23.el7.s390.rpm libvirt-debuginfo-4.5.0-23.el7.s390x.rpm libvirt-devel-4.5.0-23.el7.s390.rpm libvirt-devel-4.5.0-23.el7.s390x.rpm libvirt-docs-4.5.0-23.el7.s390x.rpm libvirt-libs-4.5.0-23.el7.s390.rpm libvirt-libs-4.5.0-23.el7.s390x.rpm x86_64: libvirt-4.5.0-23.el7.x86_64.rpm libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm libvirt-client-4.5.0-23.el7.i686.rpm libvirt-client-4.5.0-23.el7.x86_64.rpm libvirt-daemon-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-devel-4.5.0-23.el7.i686.rpm libvirt-devel-4.5.0-23.el7.x86_64.rpm libvirt-docs-4.5.0-23.el7.x86_64.rpm libvirt-libs-4.5.0-23.el7.i686.rpm libvirt-libs-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libvirt-admin-4.5.0-23.el7.ppc64.rpm libvirt-daemon-lxc-4.5.0-23.el7.ppc64.rpm libvirt-debuginfo-4.5.0-23.el7.ppc.rpm libvirt-debuginfo-4.5.0-23.el7.ppc64.rpm libvirt-lock-sanlock-4.5.0-23.el7.ppc64.rpm libvirt-login-shell-4.5.0-23.el7.ppc64.rpm libvirt-nss-4.5.0-23.el7.ppc.rpm libvirt-nss-4.5.0-23.el7.ppc64.rpm ppc64le: libvirt-admin-4.5.0-23.el7.ppc64le.rpm libvirt-daemon-lxc-4.5.0-23.el7.ppc64le.rpm libvirt-debuginfo-4.5.0-23.el7.ppc64le.rpm libvirt-lock-sanlock-4.5.0-23.el7.ppc64le.rpm libvirt-login-shell-4.5.0-23.el7.ppc64le.rpm libvirt-nss-4.5.0-23.el7.ppc64le.rpm s390x: libvirt-admin-4.5.0-23.el7.s390x.rpm libvirt-daemon-lxc-4.5.0-23.el7.s390x.rpm libvirt-debuginfo-4.5.0-23.el7.s390.rpm libvirt-debuginfo-4.5.0-23.el7.s390x.rpm libvirt-lock-sanlock-4.5.0-23.el7.s390x.rpm libvirt-login-shell-4.5.0-23.el7.s390x.rpm libvirt-nss-4.5.0-23.el7.s390.rpm libvirt-nss-4.5.0-23.el7.s390x.rpm x86_64: libvirt-admin-4.5.0-23.el7.x86_64.rpm libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm libvirt-login-shell-4.5.0-23.el7.x86_64.rpm libvirt-nss-4.5.0-23.el7.i686.rpm libvirt-nss-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libvirt-4.5.0-23.el7.src.rpm x86_64: libvirt-4.5.0-23.el7.x86_64.rpm libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm libvirt-client-4.5.0-23.el7.i686.rpm libvirt-client-4.5.0-23.el7.x86_64.rpm libvirt-daemon-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-devel-4.5.0-23.el7.i686.rpm libvirt-devel-4.5.0-23.el7.x86_64.rpm libvirt-docs-4.5.0-23.el7.x86_64.rpm libvirt-libs-4.5.0-23.el7.i686.rpm libvirt-libs-4.5.0-23.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libvirt-admin-4.5.0-23.el7.x86_64.rpm libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm libvirt-debuginfo-4.5.0-23.el7.i686.rpm libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm libvirt-login-shell-4.5.0-23.el7.x86_64.rpm libvirt-nss-4.5.0-23.el7.i686.rpm libvirt-nss-4.5.0-23.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-3840 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXUl3DNzjgjWX9erEAQhrhg//URP3oLtPlvXvZoLPTqSgCzCreg2DpxUL ckkmRATrG4juO5f1WBBi1OE64fidtb9cl3n8OqMC06dgQK4TxpsWab9diMPw1d0J pS7kmIo4uSwvxzJVLLZLb5FU75A+qpqycxlpQIoO0rjXJmNvujLb8Slj57U36E2a 2/KcGmbAdQT9VVneT2soLkZNvN+WXKHXoS3LdBFzrPURDB5bAn2zwcl8o9L20U7S EbyODV5zgOZIUNwB9LdUv/Rs8jyNOmyYgdnX83iHvQDZFhnuLyINYwSR0bHoLWnW ID+uExdQGKABPkWVPkDWAX3lWzhq5od7DRlKgsXBe50he68ZN8O9GtGU4xmyahZt HoWHKtkHJ2BeA0q4Qw7avfVZLncGC9mO6s6QuaotMdcnrbV3RQ0nprH6eavy5m3B LePzIXV0QO6AzoquKLQ7su57uF0o3+B2SBueAYZcacslovFnRvA20vnk3u6z7Tu1 nRxvuFB++Ot6uzibkA1kAr8kruOPrCnzgU0iKaJfvy8LcMwk6O6sszkHVhhNT0lC W4QWBbKQBE3cWQpw4Nb3DBawcMv7h//JI5+Hu5Ouvu2hJSxMUXrWYyqdblLzdf2e W0ZGB2REMbfi9zCQCEVvkG2HVB+xXlMu2VowXh4zOwvSelTnAhlX1TkqJstHKmbl cRUC8yT680g= =qNGf - -----END PGP SIGNATURE----- - -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXUpb1GaOgq3Tt24GAQgWPg//el6G4i3DaM7CpQzWQJgE+tVa3baYfoGo Xair3S2xhyohMyv6pJijdf9EJBQAqYohOm21LPVMpOktjCzbWU+GqGJF5AuRjauM UERb3vrzBmUcVU9jZaVj1/usw3C6EC2uxn3cwdTTB8eBVNyda5wc6v4C1q2a2DBC 979FQMolRWI4wlOip2gqq39GuUI6O5BLaAwXXLRczNlHHI+dRJuAR8qGYGbpPLiv 0Ra+nyA/1wC398cBwpk8gV05u/AKHLrgjBbVaCVoYLuNuKWboJTeg9oUZohYjO2k TschFWt6wpbpKpo9hLdck0pQ1oRX6rTJ5N2ht+qrZIx4rYOtWfAC4WYHT5u0WBs0 mV8/B10XdZagDR/Sy0Kvcb7ho/T6w6FgBWH7OiISnPjAZR2UVJrYRfyXmfQm002f IUws/nq5oUFCisqZlTrUEZpne0JmmipKgdP0c4C0154+LNQJdPSOce+CXOW8bHq2 /i7sFh99UWlOl8j6tB53wH6RD1v/jcvbQfu4FsegrXXeF/eeApEn1eo97mCPlHfx Iioe1hA+ivb2GHoAV5BaLQkbkVHkfgr9gd4X0NX6GZs4qkt5gtzUzG23GrkIMfjO +PdS2ksQXIzs/ekv18/U+dn5JySdpa67HBYTP5mY2ZREUmr1VgyhSxFoNSHKaD1n WU3caDOARrM= =MPd2 -----END PGP SIGNATURE-----