Overview

File _patchinfo of Package patchinfo.8091

<patchinfo incident="8091">
  <issue tracker="bnc" id="1083625">VUL-0: CVE-2018-1064: libvirt: Denial of service reading from guest agent</issue>
  <issue tracker="bnc" id="980558">&lt;numatune&gt;&lt;memory mode='strict' nodeset='X'/&gt;  fails for non node 0.</issue>
  <issue tracker="bnc" id="968483">zypper reloads updated rpms in the wrong order causing libvirt reload to fail</issue>
  <issue tracker="bnc" id="897352">systemd fails to ignore LSB services</issue>
  <issue tracker="bnc" id="956298">virsh domxml-to-native causes segfault of libvirtd</issue>
  <issue tracker="bnc" id="964465">libvirtd.service causes systemd warning about xencommons service</issue>
  <issue tracker="bnc" id="1079869">VUL-0: libvirt: fixes for speculative side channel attacks  aka "SpectreAttack" (var2)</issue>
  <issue tracker="bnc" id="1092885">VUL-0: CVE-2018-3639:  qemu,kvm,libvirt: V4 &#8211; Speculative Store Bypass aka "Memory Disambiguation"</issue>
  <issue tracker="bnc" id="954872">script block-dmmd not working as expected - libxl: error: libxl_dm.c</issue>
  <issue tracker="bnc" id="854343">libvirt installation run inappropriate systemd restart</issue>
  <issue tracker="bnc" id="987527">VUL-1: CVE-2016-5008: libvirt: empty VNC password disables authentication</issue>
  <issue tracker="bnc" id="1076500">VUL-1: CVE-2018-5748: libvirt: resource exhaustion via qemuMonitorIORead() method</issue>
  <issue tracker="cve" id="2017-5715"/>
  <issue tracker="cve" id="2018-1064"/>
  <issue tracker="cve" id="2018-3639"/>
  <issue tracker="cve" id="2016-5008"/>
  <issue tracker="cve" id="2018-5748"/>
  <category>security</category>
  <rating>important</rating>
  <packager>jfehlig</packager>
  <description>This update for libvirt fixes the following issues:

Security issues fixed:

- CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka "Memory Disambiguation" (bsc#1092885).
- CVE-2018-1064: Fix denial of service problem during reading from guest agent (bsc#1083625).
- CVE-2018-5748: Fix resource exhaustion via qemuMonitorIORead() method (bsc#1076500).
- CVE-2016-5008: Fix that an empty VNC password disables authentication (bsc#987527).
- CVE-2017-5715: Fix speculative side channel attacks aka &quot;SpectreAttack&quot; (var2) (bsc#1079869).

Bug fixes:

- bsc#980558: Fix NUMA node memory allocation.
- bsc#968483: Restart daemons in %posttrans after connection drivers.
- bsc#897352: Systemd fails to ignore LSB services.
- bsc#956298: virsh domxml-to-native causes segfault of libvirtd.
- bsc#964465: libvirtd.service causes systemd warning about xencommons service.
- bsc#954872: Script block-dmmd not working as expected.
- bsc#854343: libvirt installation run inappropriate systemd restart.
</description>
  <summary>Security update for libvirt</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places