File _patchinfo of Package patchinfo.9813
<patchinfo incident="9813"> <issue tracker="bnc" id="1123642">When write some notes on Cyrillic in the Guest summary form for KVM and shutdown the guest then it can not start</issue> <issue tracker="bnc" id="1130129">apparmor confined libvirt containers fail to start</issue> <issue tracker="bnc" id="1124667">L3: after to-migrate leftover qemu process with 100% cpu load, although VirtualDomain says exit 0</issue> <issue tracker="bnc" id="1126325">L3: No way to set max_grant_frames for domUs via libvirt</issue> <issue tracker="bnc" id="1112182">[SLES15] VxLAN macvtap interface is not listing in virt-manager GUI in SLES15 OS</issue> <issue tracker="bnc" id="1127458">VUL-0: CVE-2019-3840: libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function</issue> <issue tracker="bnc" id="1125665">libvirt regression: can't start domains in qemu:///session -- prctl failed to enable 'dac_override' in the AMBIENT set</issue> <issue tracker="bnc" id="1118952">AppArmor profile update</issue> <issue tracker="bnc" id="1081516">Crash kexec not working in Xen HVM domains created by libvirt</issue> <issue tracker="bnc" id="1117058">libvirt needs updated apparmor profile</issue> <issue tracker="bnc" id="1104662">zypper patch executes /usr/bin/systemctl try-restart libvirt-guests.service</issue> <issue tracker="bnc" id="1102604">root only permissions on sev device</issue> <issue tracker="bnc" id="1106420">libvirt-daemon error "virHashSearch:727 : Hash operation not allowed during iteration"</issue> <issue tracker="bnc" id="1108395">Calling the virNodeGetSEVInfo API will crash libvirtd on an AMD SEV enabled host</issue> <issue tracker="bnc" id="1120813">Virsh setmem –config does not preserve memory settings on live migrate</issue> <issue tracker="bnc" id="1108086">Migration of Xen VMs via libvirt can fail on busy hosts</issue> <issue tracker="cve" id="2019-3840"/> <issue tracker="fate" id="325817"/> <category>security</category> <rating>important</rating> <packager>jfehlig</packager> <description>This update for libvirt provides the following fixes: Security issue fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458). Other issues addressed: - apparmor: reintroduce upstream lxc mount rules (bsc#1130129). - hook: encode incoming XML to UTF-8 before passing to lxml etree from string method (bsc#1123642). - supportconfig: collect rotated logs in /var/log/libvirt/* (bsc#1124667). - libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller (bsc#1126325). - conf: added new 'xenbus' controller type - util: skip RDMA detection for non-PCI network devices (bsc#1112182). - qemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665). - qemu: fix issues related to restricted permissions on /dev/sev(bsc#1102604). - apparmor: add support for named profiles (bsc#1118952). - libxl: save current memory value after successful balloon (bsc#1120813). - apparmor: Fix ptrace rules. (bsc#1117058) - libxl: Add support for soft reset. (bsc#1081516) - libxl: Fix VM migration on busy hosts. (bsc#1108086) - qemu: Add support for SEV guests. (fate#325817) - util: Don't check for parallel iteration in hash-related functions. (bsc#1106420) - spec: Don't restart libvirt-guests when updating libvirt-client. (bsc#1104662) - Fix virNodeGetSEVInfo API crashing libvirtd on AMD SEV enabled hosts. (bsc#1108395) </description> <summary>Security update for libvirt</summary> </patchinfo>
