Sicherheit: Fehlerhafte Zugriffsrechte in libvirt
Aktuelle Meldungen Distributionen
Name: Fehlerhafte Zugriffsrechte in libvirt
ID: FEDORA-2011-17267
Distribution: Fedora
Plattformen: Fedora 16
Datum: Fr, 6. Januar 2012, 11:33
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4600
Applikationen: libvirt


Name        : libvirt
Product : Fedora 16
Version : 0.9.6
Release : 4.fc16
URL : http://libvirt.org/
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.

Update Information:

This release of libvirt fixes a minor security problem with extraneous iptables
rules being added when an externally managed network (new feature in 0.9.4) exists, along with several bugfixes. Another important change in this release is code to automatically convert guest definitions containing the deprecated "fedora-13" machine type over to "pc-0.14" - support for the "fedora-13" machine type will be removed from qemu in Fedora 17, so all guests will need to be reconfigured before that time; the code in this update handles the reconfiguration automatically.

* Mon Dec 19 2011 Laine Stump <laine@redhat.com> - 0.9.6-4
- replace "fedora-13" machine type with "pc-0.14" to prepare
systems for removal of "fedora-13" from qemu - Bug 754772
- don't add iptables rules for externally managed networks
- Buf 765964 / CVE-2011-4600
- specfile changes
- Bug 761329 don't use chkconfig --list
- Bug 758896 mark directories in /var/run as ghosts
- Bug 738725 fix logic bug in deciding to turn on cgconfig
- Bug 754909 add dmidecode as a prerequisite
- new async-safe time API + make logging async signal sage wrt.
time stamp generation - Bug 757382 (this required
enabling autoconf during the build)
* Tue Oct 11 2011 Dan Horák <dan[at]danny.cz> - 0.9.6-3
- xenlight available only on Xen arches (#745020)

[ 1 ] Bug #754772 - Convert all uses of "fedora-13" machine type into
[ 2 ] Bug #766104 - CVE-2011-4600 libvirt: unintended firewall port exposure
after restarting libvirtd when defining a bridged forward-mode network [fedora-16]
[ 3 ] Bug #761329 - should use systemctl instead of chkconfig --list
[ 4 ] Bug #758896 - Please Update Spec File to use %ghost on files in
/var/run and /var/lock
[ 5 ] Bug #757382 - libvirt occasionally has a failure and is non-operational
[ 6 ] Bug #738725 - installing libvirt issues warnings due to outdated spec
file %postinstalls
[ 7 ] Bug #754909 - libvirt: Failed to find path for dmidecode binary

This update can be installed with the "yum" update program. Use
su -c 'yum update libvirt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Neue Nachrichten