Sicherheit: Fehlerhafte Zugriffsrechte in libvirt - Pro-Linux

Name        : libvirt
Product     : Fedora 16
Version     : 0.9.6
Release     : 4.fc16
URL         : http://libvirt.org/
Summary     : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.

-------------------------------------------------------------------------------
-
Update Information:

This release of libvirt fixes a minor security problem with extraneous iptables
 rules being added when an externally managed network (new feature in 0.9.4) exists, along with several bugfixes. Another important change in this release is code to automatically convert guest definitions containing the deprecated "fedora-13" machine type over to "pc-0.14" - support for the "fedora-13" machine type will be removed from qemu in Fedora 17, so all guests will need to be reconfigured before that time; the code in this update handles the reconfiguration automatically.
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Dec 19 2011 Laine Stump <laine@redhat.com> - 0.9.6-4
- replace "fedora-13" machine type with "pc-0.14" to prepare
  systems for removal of "fedora-13" from qemu - Bug 754772
- don't add iptables rules for externally managed networks
  - Buf 765964 / CVE-2011-4600
- specfile changes
  - Bug 761329 don't use chkconfig --list
  - Bug 758896 mark directories in /var/run as ghosts
  - Bug 738725 fix logic bug in deciding to turn on cgconfig
  - Bug 754909 add dmidecode as a prerequisite
- new async-safe time API + make logging async signal sage wrt.
  time stamp generation - Bug 757382 (this required
  enabling autoconf during the build)
* Tue Oct 11 2011 Dan Horák <dan[at]danny.cz> - 0.9.6-3
- xenlight available only on Xen arches (#745020)
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #754772 - Convert all uses of "fedora-13" machine type into
 "pc-0.14"
        https://bugzilla.redhat.com/show_bug.cgi?id=754772
  [ 2 ] Bug #766104 - CVE-2011-4600 libvirt: unintended firewall port exposure
 after restarting libvirtd when defining a bridged forward-mode network [fedora-16]
        https://bugzilla.redhat.com/show_bug.cgi?id=766104
  [ 3 ] Bug #761329 - should use systemctl instead of chkconfig --list
        https://bugzilla.redhat.com/show_bug.cgi?id=761329
  [ 4 ] Bug #758896 - Please Update Spec File to use %ghost on files in
 /var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=758896
  [ 5 ] Bug #757382 - libvirt occasionally has a failure and is non-operational
 afterwards
        https://bugzilla.redhat.com/show_bug.cgi?id=757382
  [ 6 ] Bug #738725 - installing libvirt issues warnings due to outdated spec
 file %postinstalls
        https://bugzilla.redhat.com/show_bug.cgi?id=738725
  [ 7 ] Bug #754909 - libvirt: Failed to find path for dmidecode binary
        https://bugzilla.redhat.com/show_bug.cgi?id=754909
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libvirt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce