Overview

File _patchinfo of Package patchinfo.6442

<patchinfo incident="6442">
  <issue id="1076500" tracker="bnc">VUL-1: CVE-2018-5748: libvirt: resource exhaustion via qemuMonitorIORead() method</issue>
  <issue id="2018-5748" tracker="cve" />
  <issue id="1072887" tracker="bnc">LXC: virt-create-rootfs script - missing case statement in install_sle function</issue>
  <issue id="1070130" tracker="bnc">Xen host not rebooting with 4 VMs</issue>
  <issue id="1073973" tracker="bnc">Relax-NG validity error : Element domain failed to validate content</issue>
  <issue id="324177" tracker="fate" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jfehlig</packager>
  <description>This update for libvirt provides several fixes.

This security issue was fixed:

- CVE-2018-5748: Prevent resource exhaustion via qemuMonitorIORead() method which allowed to cause DoS (bsc#1076500).

These security issues were fixed:

- Add a qemu hook script providing functionality similar to Xen's block-dmmd script.
  (fate#324177)
- schema: Make disk driver name attribute optional. (bsc#1073973)
- virt-create-rootfs: Handle all SLE 12 versions. (bsc#1072887)
- libvirt-guests: Fix the 'stop' operation when action is 'suspend'. (bsc#1070130)
</description>
  <summary>Security update for libvirt</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places