[SECURITY] Fedora 16 Update: libvirt-0.9.6-4.fc16
updates at fedoraproject.org
updates at fedoraproject.org
Thu Jan 5 21:00:08 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-17267
2011-12-22 21:43:19
--------------------------------------------------------------------------------
Name : libvirt
Product : Fedora 16
Version : 0.9.6
Release : 4.fc16
URL : http://libvirt.org/
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.
--------------------------------------------------------------------------------
Update Information:
This release of libvirt fixes a minor security problem with extraneous iptables rules being added when an externally managed network (new feature in 0.9.4) exists, along with several bugfixes. Another important change in this release is code to automatically convert guest definitions containing the deprecated "fedora-13" machine type over to "pc-0.14" - support for the "fedora-13" machine type will be removed from qemu in Fedora 17, so all guests will need to be reconfigured before that time; the code in this update handles the reconfiguration automatically.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2011 Laine Stump <laine at redhat.com> - 0.9.6-4
- replace "fedora-13" machine type with "pc-0.14" to prepare
systems for removal of "fedora-13" from qemu - Bug 754772
- don't add iptables rules for externally managed networks
- Buf 765964 / CVE-2011-4600
- specfile changes
- Bug 761329 don't use chkconfig --list
- Bug 758896 mark directories in /var/run as ghosts
- Bug 738725 fix logic bug in deciding to turn on cgconfig
- Bug 754909 add dmidecode as a prerequisite
- new async-safe time API + make logging async signal sage wrt.
time stamp generation - Bug 757382 (this required
enabling autoconf during the build)
* Tue Oct 11 2011 Dan HorĂ¡k <dan[at]danny.cz> - 0.9.6-3
- xenlight available only on Xen arches (#745020)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #754772 - Convert all uses of "fedora-13" machine type into "pc-0.14"
https://bugzilla.redhat.com/show_bug.cgi?id=754772
[ 2 ] Bug #766104 - CVE-2011-4600 libvirt: unintended firewall port exposure after restarting libvirtd when defining a bridged forward-mode network [fedora-16]
https://bugzilla.redhat.com/show_bug.cgi?id=766104
[ 3 ] Bug #761329 - should use systemctl instead of chkconfig --list
https://bugzilla.redhat.com/show_bug.cgi?id=761329
[ 4 ] Bug #758896 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
https://bugzilla.redhat.com/show_bug.cgi?id=758896
[ 5 ] Bug #757382 - libvirt occasionally has a failure and is non-operational afterwards
https://bugzilla.redhat.com/show_bug.cgi?id=757382
[ 6 ] Bug #738725 - installing libvirt issues warnings due to outdated spec file %postinstalls
https://bugzilla.redhat.com/show_bug.cgi?id=738725
[ 7 ] Bug #754909 - libvirt: Failed to find path for dmidecode binary
https://bugzilla.redhat.com/show_bug.cgi?id=754909
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update libvirt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list