SUSE-SU-2018:0385-1

LOW2.8

Security update for libvirt

Published Feb 7, 2018

Modified 8 years ago

Fix available

Details

Description of the patch:

This update for libvirt provides several fixes.

This security issue was fixed:

CVE-2018-5748: Prevent resource exhaustion via qemuMonitorIORead() method which allowed to cause DoS (bsc#1076500).

These security issues were fixed:

Add a qemu hook script providing functionality similar to Xen's block-dmmd script. (fate#324177)
schema: Make disk driver name attribute optional. (bsc#1073973)
virt-create-rootfs: Handle all SLE 12 versions. (bsc#1072887)
libvirt-guests: Fix the 'stop' operation when action is 'suspend'. (bsc#1070130)

Affected Packages(22 packages)

libvirt

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-client

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-client-32bit

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Workstation Extension 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon-config-network

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon-config-nwfilter

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon-driver-interface

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon-driver-libxl

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon-driver-lxc

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

libvirt-daemon-driver-network

SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2

Fixed in:

2.0.0-27.29.1

References

ADVISORY

https://bugzilla.suse.com/1070130

ADVISORY

https://bugzilla.suse.com/1072887

ADVISORY

https://bugzilla.suse.com/1073973

ADVISORY

https://bugzilla.suse.com/1076500

ADVISORY