[SECURITY] Fedora 16 Update: libvirt-0.9.6.3-1.fc16
updates at fedoraproject.org
updates at fedoraproject.org
Wed Oct 17 00:29:13 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-15640
2012-10-08 21:15:56
--------------------------------------------------------------------------------
Name : libvirt
Product : Fedora 16
Version : 0.9.6.3
Release : 1.fc16
URL : http://libvirt.org/
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.
--------------------------------------------------------------------------------
Update Information:
* Rebased to version 0.9.6.3
* CVE-2012-4423 Fix null dereference (bz #857135, bz #857133)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 7 2012 Cole Robinson <crobinso at redhat.com> - 0.9.6.3-1
- Rebased to version 0.9.6.3
- CVE-2012-4423 Fix null dereference (bz #857135, bz #857133)
* Mon Aug 13 2012 Cole Robinson <crobinso at redhat.com> - 0.9.6.2-1
- Rebased to version 0.9.6.2
- Fix crash in virTypedParameterArrayClear (bz 844745, bz 844734)
* Fri Jun 15 2012 Cole Robinson <crobinso at redhat.com> - 0.9.6.1-1
- Rebased to version 0.9.6.1
- Emit spice graphics events (bz 784813)
- Add usbredir spice channel (bz 821469)
- Add default spice channel (bz 821474)
- Various stream fixes and improvements (bz 743900)
- Fix state syncing when xen domain shuts down (bz 746007)
- Don't show <console> for xen dom0 (bz 752271)
- Fix selinux denial on /usr/libexec/pt_chown from LXC (bz 785411)
- Don't flood LXC log file (bz 785431)
- Fix several double close bugs (bz 827127)
- Fix PCI assignment for USB2.0 controllers (bz 822160)
* Fri Mar 30 2012 Osier Yang <jyang at redhat.com> - 0.9.6-6
- fix typo in chkconfig commandline for specfile - Bug 786890
* Sun Mar 4 2012 Cole Robinson <crobinso at redhat.com> - 0.9.6-5
- Fix crash when migrating many guests with vdsm (bz 785789)
- Fix libvirtd hang in vmware guest (bz 796451)
- Don't start HAL in init script (bz 789234)
- Fix storage lookup errors with empty lvm pool (bz 782261)
- Fix test failures with new gnutls
* Mon Dec 19 2011 Laine Stump <laine at redhat.com> - 0.9.6-4
- replace "fedora-13" machine type with "pc-0.14" to prepare
systems for removal of "fedora-13" from qemu - Bug 754772
- don't add iptables rules for externally managed networks
- Buf 765964 / CVE-2011-4600
- specfile changes
- Bug 761329 don't use chkconfig --list
- Bug 758896 mark directories in /var/run as ghosts
- Bug 738725 fix logic bug in deciding to turn on cgconfig
- Bug 754909 add dmidecode as a prerequisite
- new async-safe time API + make logging async signal sage wrt.
time stamp generation - Bug 757382 (this required
enabling autoconf during the build)
* Tue Oct 11 2011 Dan HorĂ¡k <dan[at]danny.cz> - 0.9.6-3
- xenlight available only on Xen arches (#745020)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #857133 - CVE-2012-4423 libvirt: null function pointer invocation in virNetServerProgramDispatchCall()
https://bugzilla.redhat.com/show_bug.cgi?id=857133
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update libvirt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list