Overview Repositories Revisions Requests Users Attributes Meta
Security update for libvirt

This update for libvirt provides the following fixes:

Security issue fixed:

- CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could
have resulted in a remote denial of service via the guest agent (bsc#1127458).

Other issues addressed:

- apparmor: reintroduce upstream lxc mount rules (bsc#1130129).
- hook: encode incoming XML to UTF-8 before passing to lxml etree from string method (bsc#1123642).
- supportconfig: collect rotated logs in /var/log/libvirt/* (bsc#1124667).
- libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller (bsc#1126325).
- conf: added new 'xenbus' controller type
- util: skip RDMA detection for non-PCI network devices (bsc#1112182).
- qemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665).
- qemu: fix issues related to restricted permissions on /dev/sev(bsc#1102604).
- apparmor: add support for named profiles (bsc#1118952).
- libxl: save current memory value after successful balloon (bsc#1120813).
- apparmor: Fix ptrace rules. (bsc#1117058)
- libxl: Add support for soft reset. (bsc#1081516)
- libxl: Fix VM migration on busy hosts. (bsc#1108086)
- qemu: Add support for SEV guests. (fate#325817)
- util: Don't check for parallel iteration in hash-related functions. (bsc#1106420)
- spec: Don't restart libvirt-guests when updating libvirt-client. (bsc#1104662)
- Fix virNodeGetSEVInfo API crashing libvirtd on AMD SEV enabled hosts. (bsc#1108395)

This update was imported from the SUSE:SLE-15:Update update project.

Fixed bugs
bnc#1123642
When write some notes on Cyrillic in the Guest summary form for KVM and shutdown the guest then it can not start
bnc#1130129
apparmor confined libvirt containers fail to start
bnc#1124667
L3: after to-migrate leftover qemu process with 100% cpu load, although VirtualDomain says exit 0
bnc#1126325
L3: No way to set max_grant_frames for domUs via libvirt
bnc#1112182
[SLES15] VxLAN macvtap interface is not listing in virt-manager GUI in SLES15 OS
bnc#1127458
VUL-0: CVE-2019-3840: libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function
bnc#1125665
libvirt regression: can't start domains in qemu:///session -- prctl failed to enable 'dac_override' in the AMBIENT set
bnc#1118952
AppArmor profile update
bnc#1081516
Crash kexec not working in Xen HVM domains created by libvirt
bnc#1117058
libvirt needs updated apparmor profile
bnc#1104662
zypper patch executes /usr/bin/systemctl try-restart libvirt-guests.service
bnc#1102604
root only permissions on sev device
bnc#1106420
libvirt-daemon error "virHashSearch:727 : Hash operation not allowed during iteration"
bnc#1108395
Calling the virNodeGetSEVInfo API will crash libvirtd on an AMD SEV enabled host
bnc#1120813
Virsh setmem –config does not preserve memory settings on live migrate
bnc#1108086
Migration of Xen VMs via libvirt can fail on busy hosts
CVE-2019-3840
fate#325817
Selected Binaries
openSUSE Build Service is sponsored by
Places