openSUSE Build Service

update for libvirt

This update fixes the following security and non security issues with libvirt:

- bnc#857492: Fix libvirtd crash when hot-plugging disks for qemu
domains (CVE-2013-6458)
- bnc#858817: Don't crash if a connection closes early (CVE-2014-1447)
- bnc#858824: avoid crashing libvirtd when calling `virsh numatune' on
inactive Xen libxl domain (CVE-2013-6457)
- bnc#859051: filter global events by domain:getattr ACL (CVE-2014-0028)
- bnc#817407: Add CAP_SYS_PACCT capability to libvirtd AppArmor profile
- bnc#859041: Following the upstream pattern, introduce the
daemon-config-network subpackage to handle defining the default network
- bnc#857271: Fix initialization of emulated NICs
- bnc#857271: Fix potential segfault in libxl driver when domain create
fails

Submitted by James Fehlig (jfehlig)

Fixed bugs

bnc#817407

When performing device assignment of a Broadcom 57810 NIC on a Guest OS, the guest will not boot.

bnc#857492

VUL-0: CVE-2013-6458: libvirtd: qemu job usage issue in several API leading to libvirtd crash

bnc#859051

VUL-0: CVE-2014-0028: libvirt: event registration bypasses domain:getattr ACL

bnc#857271

Setting up CD ROM as boot media causes installation process to abort: qemu: prepended, but phy: (optical drive) or file: (ISO image) expected

bnc#858824

VUL-0: CVE-2013-6457: libvirt: avoid crashing if calling 'virsh numatune' on an inactive domain (libxl)

bnc#859041

libvirt-daemon has a postinstall check for a file in libvirt-daemon-driver-network

bnc#858817

VUL-0: CVE-2014-1447: libvirt: denial of service with keepalive

Places

Fixed bugs

Selected Binaries

Places