Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Low: libguestfs on SL6.x x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Monday 9th July 2012 15:04:48 UTC (over 4 years ago)
Synopsis:    Low: libguestfs security, bug fix, and enhancement update
Issue Date:  2012-06-20
CVE Numbers: CVE-2012-2690


libguestfs is a library for accessing and modifying guest disk images.

It was found that editing files with virt-edit left said files in a
world-readable state (and did not preserve the file owner or
Security-Enhanced Linux context). If an administrator on the host used
virt-edit to edit a file inside a guest, the file would be left with
world-readable permissions. This could lead to unprivileged guest users
accessing files they would otherwise be unable to. (CVE-2012-2690)

These updated libguestfs packages include numerous bug fixes and
enhancements.

Users of libguestfs are advised to upgrade to these updated packages, which
fix these issues and add these enhancements.

SL6:
  x86_64
     libguestfs-1.16.19-1.el6.x86_64.rpm
     libguestfs-debuginfo-1.16.19-1.el6.x86_64.rpm
     libguestfs-devel-1.16.19-1.el6.x86_64.rpm
     libguestfs-java-1.16.19-1.el6.x86_64.rpm
     libguestfs-java-devel-1.16.19-1.el6.x86_64.rpm
     libguestfs-javadoc-1.16.19-1.el6.x86_64.rpm
     libguestfs-tools-1.16.19-1.el6.x86_64.rpm
     libguestfs-tools-c-1.16.19-1.el6.x86_64.rpm
     ocaml-libguestfs-1.16.19-1.el6.x86_64.rpm
     ocaml-libguestfs-devel-1.16.19-1.el6.x86_64.rpm
     perl-Sys-Guestfs-1.16.19-1.el6.x86_64.rpm
     python-libguestfs-1.16.19-1.el6.x86_64.rpm
     ruby-libguestfs-1.16.19-1.el6.x86_64.rpm

- Scientific Linux Development Team
 
CD: 3ms