Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.2962
libvirt security, bug fix, and enhancement update
7 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libvirt
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Denial of Service -- Existing Account
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2019-3840
Reference: ESB-2019.1295
ESB-2019.0838
Original Bulletin:
https://access.redhat.com/errata/RHSA-2019:2294
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: libvirt security, bug fix, and enhancement update
Advisory ID: RHSA-2019:2294-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:2294
Issue date: 2019-08-06
CVE Names: CVE-2019-3840
=====================================================================
1. Summary:
An update for libvirt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The libvirt library contains a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.
Security Fix(es):
* libvirt: NULL pointer dereference after running qemuAgentCommand in
qemuAgentGetInterfaces function (CVE-2019-3840)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, libvirtd will be restarted
automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
1501450 - Race starting multiple libvirtd user sessions at the same time
1558558 - Enhance detection of host CPU model to avoid guesses based on fea.ture list length
1584663 - [RFE] Add functionality to virsh to mount nfs shares using commands like mountvers, nosuid, nodev.
1592737 - Cannot use a xml file with XML declaration as a input of cpu-compare
1594266 - virt-xml-validate validate fails for volume having backing file
1609454 - nwfilter-binding-create succeed on interface which does not exist
1609720 - Starting VM without source configured for pci-serial device caused libvirtd crash
1612943 - Wrong RESUME event after I/O error
1613737 - Allow the inputvol to be encrypted when creating a volume from another volume
1615680 - Improve --adapter-parent-wwnn,--adapter-parent-wwpn and --adapter-parent-fabric-wwn info for pool-define-as in man page
1628469 - libvirt uses incorrect method to detect that KVM is working
1628892 - Permission denied when start guest with egl-headless display
1631606 - Create luks vol failed when give the user access control for storage-vol API
1631622 - guest with an interface referred to nwfilter killed by libvirt when restart libvirtd with access driver enabled
1632711 - [RHEL] VMs on gluster storage domain can't be migrated
1632833 - scsi host device passthrough limits IO writes
1633077 - domxml-to-native should treat --xml as the default option
1633389 - libvirt creating qemu channels with the wrong permissions
1640465 - [RHHI] Hosted Engine migration fails in gluster storage domain
1641702 - check tsc scaling fea-ture of destination host on migration
1647365 - VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY is never used in postcopy migration
1652894 - when create vhba without indicating wwpn/wwnn, libvirt will generate duplicated ones
1656360 - when <shareable/> removed from scsi hostdev xml, related chardev's unpriv_sgio not set back to zero.
1657468 - different behaviors when create storage pool via NPIV in RHEL7.5 and RHEL7.6
1658198 - libvirt sends VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED event too soon (before it has finished tearing down the device's resources and objects)
1658406 - mode="host-model" VMs include broken "arch-facilities" flag name [libvirt]
1658652 - Missing librbd1 dependecy for libvirt-daemon-driver-storage-rbd is causing problem with RHEL host upgrade
1660531 - Garbled output on memory locking failure
1663051 - libvirtd encountered sigsegv due to null pointer in virJSONValueObjectHasKey()
1665228 - CVE-2019-3840 libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function
1665474 - libvirt segfaults with vfio-pci hostdev device
1665553 - Unable to migrate VM's using ceph storage - Unsafe migration: Migration without shared storage is unsafe
1669581 - libvirtd crash when hotplug 'block' type 'lun' device disk without 'sgio' setting to guest
1669586 - Cannot passthrough a iscsi lun to vm as a hostdev device
1672957 - [RHEL 7.7] [libvirt] Backport 07c9d6601 ("qemu: use line breaks in command line args written to log")
1683175 - Don't emit a log error message if ovs-vsctl doesn't support a particular statistic type on a vif
1690122 - RFE: backport upstream patches for polling buffers/caches from balloon driver
1690703 - Fails to query domjobinfo when do snapshot
1691358 - Network filters are not honouring explicitly listed parameters for MAC
1692296 - Attaching a device with a taken address succeeds
1703661 - 'cannot set CPU affinity' error when starting guest
1716387 - internal error: Failed to parse bitmap '' when starting guest
1718172 - NULL pointer access in qemuProcessInitCpuAffinity()
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
libvirt-4.5.0-23.el7.src.rpm
x86_64:
libvirt-4.5.0-23.el7.x86_64.rpm
libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm
libvirt-client-4.5.0-23.el7.i686.rpm
libvirt-client-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-libs-4.5.0-23.el7.i686.rpm
libvirt-libs-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libvirt-admin-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-devel-4.5.0-23.el7.i686.rpm
libvirt-devel-4.5.0-23.el7.x86_64.rpm
libvirt-docs-4.5.0-23.el7.x86_64.rpm
libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm
libvirt-login-shell-4.5.0-23.el7.x86_64.rpm
libvirt-nss-4.5.0-23.el7.i686.rpm
libvirt-nss-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libvirt-4.5.0-23.el7.src.rpm
x86_64:
libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm
libvirt-client-4.5.0-23.el7.i686.rpm
libvirt-client-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-libs-4.5.0-23.el7.i686.rpm
libvirt-libs-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libvirt-4.5.0-23.el7.x86_64.rpm
libvirt-admin-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-devel-4.5.0-23.el7.i686.rpm
libvirt-devel-4.5.0-23.el7.x86_64.rpm
libvirt-docs-4.5.0-23.el7.x86_64.rpm
libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm
libvirt-login-shell-4.5.0-23.el7.x86_64.rpm
libvirt-nss-4.5.0-23.el7.i686.rpm
libvirt-nss-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
libvirt-4.5.0-23.el7.src.rpm
ppc64:
libvirt-4.5.0-23.el7.ppc64.rpm
libvirt-bash-completion-4.5.0-23.el7.ppc64.rpm
libvirt-client-4.5.0-23.el7.ppc.rpm
libvirt-client-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-config-network-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.ppc64.rpm
libvirt-debuginfo-4.5.0-23.el7.ppc.rpm
libvirt-debuginfo-4.5.0-23.el7.ppc64.rpm
libvirt-devel-4.5.0-23.el7.ppc.rpm
libvirt-devel-4.5.0-23.el7.ppc64.rpm
libvirt-docs-4.5.0-23.el7.ppc64.rpm
libvirt-libs-4.5.0-23.el7.ppc.rpm
libvirt-libs-4.5.0-23.el7.ppc64.rpm
ppc64le:
libvirt-4.5.0-23.el7.ppc64le.rpm
libvirt-bash-completion-4.5.0-23.el7.ppc64le.rpm
libvirt-client-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-config-network-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-kvm-4.5.0-23.el7.ppc64le.rpm
libvirt-debuginfo-4.5.0-23.el7.ppc64le.rpm
libvirt-devel-4.5.0-23.el7.ppc64le.rpm
libvirt-docs-4.5.0-23.el7.ppc64le.rpm
libvirt-libs-4.5.0-23.el7.ppc64le.rpm
s390x:
libvirt-4.5.0-23.el7.s390x.rpm
libvirt-bash-completion-4.5.0-23.el7.s390x.rpm
libvirt-client-4.5.0-23.el7.s390.rpm
libvirt-client-4.5.0-23.el7.s390x.rpm
libvirt-daemon-4.5.0-23.el7.s390x.rpm
libvirt-daemon-config-network-4.5.0-23.el7.s390x.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.s390x.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.s390x.rpm
libvirt-daemon-kvm-4.5.0-23.el7.s390x.rpm
libvirt-debuginfo-4.5.0-23.el7.s390.rpm
libvirt-debuginfo-4.5.0-23.el7.s390x.rpm
libvirt-devel-4.5.0-23.el7.s390.rpm
libvirt-devel-4.5.0-23.el7.s390x.rpm
libvirt-docs-4.5.0-23.el7.s390x.rpm
libvirt-libs-4.5.0-23.el7.s390.rpm
libvirt-libs-4.5.0-23.el7.s390x.rpm
x86_64:
libvirt-4.5.0-23.el7.x86_64.rpm
libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm
libvirt-client-4.5.0-23.el7.i686.rpm
libvirt-client-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-devel-4.5.0-23.el7.i686.rpm
libvirt-devel-4.5.0-23.el7.x86_64.rpm
libvirt-docs-4.5.0-23.el7.x86_64.rpm
libvirt-libs-4.5.0-23.el7.i686.rpm
libvirt-libs-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
libvirt-admin-4.5.0-23.el7.ppc64.rpm
libvirt-daemon-lxc-4.5.0-23.el7.ppc64.rpm
libvirt-debuginfo-4.5.0-23.el7.ppc.rpm
libvirt-debuginfo-4.5.0-23.el7.ppc64.rpm
libvirt-lock-sanlock-4.5.0-23.el7.ppc64.rpm
libvirt-login-shell-4.5.0-23.el7.ppc64.rpm
libvirt-nss-4.5.0-23.el7.ppc.rpm
libvirt-nss-4.5.0-23.el7.ppc64.rpm
ppc64le:
libvirt-admin-4.5.0-23.el7.ppc64le.rpm
libvirt-daemon-lxc-4.5.0-23.el7.ppc64le.rpm
libvirt-debuginfo-4.5.0-23.el7.ppc64le.rpm
libvirt-lock-sanlock-4.5.0-23.el7.ppc64le.rpm
libvirt-login-shell-4.5.0-23.el7.ppc64le.rpm
libvirt-nss-4.5.0-23.el7.ppc64le.rpm
s390x:
libvirt-admin-4.5.0-23.el7.s390x.rpm
libvirt-daemon-lxc-4.5.0-23.el7.s390x.rpm
libvirt-debuginfo-4.5.0-23.el7.s390.rpm
libvirt-debuginfo-4.5.0-23.el7.s390x.rpm
libvirt-lock-sanlock-4.5.0-23.el7.s390x.rpm
libvirt-login-shell-4.5.0-23.el7.s390x.rpm
libvirt-nss-4.5.0-23.el7.s390.rpm
libvirt-nss-4.5.0-23.el7.s390x.rpm
x86_64:
libvirt-admin-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm
libvirt-login-shell-4.5.0-23.el7.x86_64.rpm
libvirt-nss-4.5.0-23.el7.i686.rpm
libvirt-nss-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
libvirt-4.5.0-23.el7.src.rpm
x86_64:
libvirt-4.5.0-23.el7.x86_64.rpm
libvirt-bash-completion-4.5.0-23.el7.x86_64.rpm
libvirt-client-4.5.0-23.el7.i686.rpm
libvirt-client-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-kvm-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-devel-4.5.0-23.el7.i686.rpm
libvirt-devel-4.5.0-23.el7.x86_64.rpm
libvirt-docs-4.5.0-23.el7.x86_64.rpm
libvirt-libs-4.5.0-23.el7.i686.rpm
libvirt-libs-4.5.0-23.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libvirt-admin-4.5.0-23.el7.x86_64.rpm
libvirt-daemon-lxc-4.5.0-23.el7.x86_64.rpm
libvirt-debuginfo-4.5.0-23.el7.i686.rpm
libvirt-debuginfo-4.5.0-23.el7.x86_64.rpm
libvirt-lock-sanlock-4.5.0-23.el7.x86_64.rpm
libvirt-login-shell-4.5.0-23.el7.x86_64.rpm
libvirt-nss-4.5.0-23.el7.i686.rpm
libvirt-nss-4.5.0-23.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-3840
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXUl3DNzjgjWX9erEAQhrhg//URP3oLtPlvXvZoLPTqSgCzCreg2DpxUL
ckkmRATrG4juO5f1WBBi1OE64fidtb9cl3n8OqMC06dgQK4TxpsWab9diMPw1d0J
pS7kmIo4uSwvxzJVLLZLb5FU75A+qpqycxlpQIoO0rjXJmNvujLb8Slj57U36E2a
2/KcGmbAdQT9VVneT2soLkZNvN+WXKHXoS3LdBFzrPURDB5bAn2zwcl8o9L20U7S
EbyODV5zgOZIUNwB9LdUv/Rs8jyNOmyYgdnX83iHvQDZFhnuLyINYwSR0bHoLWnW
ID+uExdQGKABPkWVPkDWAX3lWzhq5od7DRlKgsXBe50he68ZN8O9GtGU4xmyahZt
HoWHKtkHJ2BeA0q4Qw7avfVZLncGC9mO6s6QuaotMdcnrbV3RQ0nprH6eavy5m3B
LePzIXV0QO6AzoquKLQ7su57uF0o3+B2SBueAYZcacslovFnRvA20vnk3u6z7Tu1
nRxvuFB++Ot6uzibkA1kAr8kruOPrCnzgU0iKaJfvy8LcMwk6O6sszkHVhhNT0lC
W4QWBbKQBE3cWQpw4Nb3DBawcMv7h//JI5+Hu5Ouvu2hJSxMUXrWYyqdblLzdf2e
W0ZGB2REMbfi9zCQCEVvkG2HVB+xXlMu2VowXh4zOwvSelTnAhlX1TkqJstHKmbl
cRUC8yT680g=
=qNGf
- -----END PGP SIGNATURE-----
- --
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXUpb1GaOgq3Tt24GAQgWPg//el6G4i3DaM7CpQzWQJgE+tVa3baYfoGo
Xair3S2xhyohMyv6pJijdf9EJBQAqYohOm21LPVMpOktjCzbWU+GqGJF5AuRjauM
UERb3vrzBmUcVU9jZaVj1/usw3C6EC2uxn3cwdTTB8eBVNyda5wc6v4C1q2a2DBC
979FQMolRWI4wlOip2gqq39GuUI6O5BLaAwXXLRczNlHHI+dRJuAR8qGYGbpPLiv
0Ra+nyA/1wC398cBwpk8gV05u/AKHLrgjBbVaCVoYLuNuKWboJTeg9oUZohYjO2k
TschFWt6wpbpKpo9hLdck0pQ1oRX6rTJ5N2ht+qrZIx4rYOtWfAC4WYHT5u0WBs0
mV8/B10XdZagDR/Sy0Kvcb7ho/T6w6FgBWH7OiISnPjAZR2UVJrYRfyXmfQm002f
IUws/nq5oUFCisqZlTrUEZpne0JmmipKgdP0c4C0154+LNQJdPSOce+CXOW8bHq2
/i7sFh99UWlOl8j6tB53wH6RD1v/jcvbQfu4FsegrXXeF/eeApEn1eo97mCPlHfx
Iioe1hA+ivb2GHoAV5BaLQkbkVHkfgr9gd4X0NX6GZs4qkt5gtzUzG23GrkIMfjO
+PdS2ksQXIzs/ekv18/U+dn5JySdpa67HBYTP5mY2ZREUmr1VgyhSxFoNSHKaD1n
WU3caDOARrM=
=MPd2
-----END PGP SIGNATURE-----