Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Low: libvirt on SL5.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Wednesday 16th January 2013 22:10:27 UTC (over 3 years ago)
Synopsis:          Low: libvirt security and bug fix update
Issue Date:        2013-01-08
CVE Numbers:       CVE-2012-2693
--

Bus and device IDs were ignored when attempting to attach multiple USB 
devices
with identical vendor or product IDs to a guest. This could result in 
the wrong
device being attached to a guest, giving that guest root access to the 
device.
(CVE-2012-2693)

This update also fixes the following bugs:

* Previously, the libvirtd library failed to set the autostart flags for
already defined QEMU domains. This bug has been fixed, and the domains 
can now
be successfully marked as autostarted.

* Prior to this update, the virFileAbsPath() function was not taking into
account the slash ("/") directory separator when allocating memory for
combining the cwd() function and a path. This behavior could lead to a 
memory
corruption. With this update, a transformation to the virAsprintff() 
function
has been introduced into virFileAbsPath(). As a result, the aforementioned
behavior no longer occurs.

* With this update, a man page of the virsh user interface has been
enhanced
with information on the "domxml-from-native" and "domxml-to-native" 
commands. A
correct notation of the format argument has been clarified. As a result,
confusion is avoided when setting the format argument in the described
commands.

After installing the updated packages, libvirtd will be restarted
automatically.
--

SL5
   x86_64
     libvirt-0.8.2-29.el5.i386.rpm
     libvirt-0.8.2-29.el5.x86_64.rpm
     libvirt-debuginfo-0.8.2-29.el5.i386.rpm
     libvirt-debuginfo-0.8.2-29.el5.x86_64.rpm
     libvirt-devel-0.8.2-29.el5.i386.rpm
     libvirt-devel-0.8.2-29.el5.x86_64.rpm
     libvirt-python-0.8.2-29.el5.x86_64.rpm
   i386
     libvirt-0.8.2-29.el5.i386.rpm
     libvirt-debuginfo-0.8.2-29.el5.i386.rpm
     libvirt-devel-0.8.2-29.el5.i386.rpm
     libvirt-python-0.8.2-29.el5.i386.rpm

- Scientific Linux Development Team
 
CD: 290ms