Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.1482 Low: libvirt security and bug fix update 16 May 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libvirt Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 7 Red Hat Enterprise Linux WS/Desktop 7 Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2018-5748 CVE-2018-1064 Reference: ESB-2018.1115 ESB-2018.0992 ESB-2018.0754 ESB-2018.0509 Original Bulletin: https://access.redhat.com/errata/RHSA-2018:1396 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Low: libvirt security and bug fix update Advisory ID: RHSA-2018:1396-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1396 Issue date: 2018-05-14 CVE Names: CVE-2018-1064 CVE-2018-5748 ===================================================================== 1. Summary: An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Description: The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748) * libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. The CVE-2018-1064 issue was discovered by Daniel P. Berrangé (Red Hat) and the CVE-2018-5748 issue was discovered by Daniel P. Berrange (Red Hat) and Peter Krempa (Red Hat). Bug Fix(es): * Previously, the check for a non-unique device boot order did not properly handle updates of existing devices when a new device was attached to a guest. Consequently, updating any device with a specified boot order failed. With this update, the duplicity check detects correctly handles updates and ignores the original device, which avoids reporting false conflicts. As a result, updating a device with a boot order succeeds. (BZ#1557922) * In Red Hat Enterprise Linux 7.5, guests with SCSI passthrough enabled failed to boot because of changes in kernel CGroup detection. With this update, libvirt fetches dependencies and adds them to the device CGroup. As a result, and the affected guests now start as expected. (BZ#1564996) * The VMX parser in libvirt did not parse more than four network interfaces. As a consequence, the esx driver did not expose more than four network interface cards (NICs) for guests running ESXi. With this update, the VMX parser parses all the available NICs in .vmx files. As a result, libvirt reports all the NICs of guests running ESXi. (BZ#1566524) * Previously, user aliases for PTY devices that were longer than 32 characters were not supported. Consequently, if a domain included a PTY device with a user alias longer than 32 characters, the domain would not start. With this update, a static buffer was replaced with a dynamic buffer. As a result, the domain starts even if the length of the user alias for a PTY device is longer than 32 characters. (BZ#1566525) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, libvirtd will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1528396 - CVE-2018-5748 libvirt: Resource exhaustion via qemuMonitorIORead() method 1550672 - CVE-2018-1064 libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent 1557922 - Cannot modify vNIC profile of running VM [rhel-7.5.z] 1564996 - Start VM with direct LUN attached with SCSI Pass-Through enabled fails on libvirtError [rhel-7.5.z] 1566524 - vmx parser cannot import more than 4 NICs [rhel-7.5.z] 1566525 - Hosted Engine VM (deployed in the past) fails to reboot with 'libvirtError: internal error: failed to format device alias for PTY retrieval' due to an error in console device in libvirt XML generated by the engine [rhel-7.5.z] 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libvirt-3.9.0-14.el7_5.4.src.rpm x86_64: libvirt-3.9.0-14.el7_5.4.x86_64.rpm libvirt-client-3.9.0-14.el7_5.4.i686.rpm libvirt-client-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.4.i686.rpm libvirt-libs-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libvirt-admin-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.4.i686.rpm libvirt-devel-3.9.0-14.el7_5.4.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.4.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.4.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.4.i686.rpm libvirt-nss-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libvirt-3.9.0-14.el7_5.4.src.rpm x86_64: libvirt-client-3.9.0-14.el7_5.4.i686.rpm libvirt-client-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.4.i686.rpm libvirt-libs-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libvirt-3.9.0-14.el7_5.4.x86_64.rpm libvirt-admin-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.4.i686.rpm libvirt-devel-3.9.0-14.el7_5.4.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.4.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.4.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.4.i686.rpm libvirt-nss-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libvirt-3.9.0-14.el7_5.4.src.rpm ppc64: libvirt-3.9.0-14.el7_5.4.ppc64.rpm libvirt-client-3.9.0-14.el7_5.4.ppc.rpm libvirt-client-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.ppc64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc64.rpm libvirt-devel-3.9.0-14.el7_5.4.ppc.rpm libvirt-devel-3.9.0-14.el7_5.4.ppc64.rpm libvirt-docs-3.9.0-14.el7_5.4.ppc64.rpm libvirt-libs-3.9.0-14.el7_5.4.ppc.rpm libvirt-libs-3.9.0-14.el7_5.4.ppc64.rpm ppc64le: libvirt-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-client-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-devel-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-docs-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-libs-3.9.0-14.el7_5.4.ppc64le.rpm s390x: libvirt-3.9.0-14.el7_5.4.s390x.rpm libvirt-client-3.9.0-14.el7_5.4.s390.rpm libvirt-client-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390x.rpm libvirt-devel-3.9.0-14.el7_5.4.s390.rpm libvirt-devel-3.9.0-14.el7_5.4.s390x.rpm libvirt-docs-3.9.0-14.el7_5.4.s390x.rpm libvirt-libs-3.9.0-14.el7_5.4.s390.rpm libvirt-libs-3.9.0-14.el7_5.4.s390x.rpm x86_64: libvirt-3.9.0-14.el7_5.4.x86_64.rpm libvirt-client-3.9.0-14.el7_5.4.i686.rpm libvirt-client-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.4.i686.rpm libvirt-devel-3.9.0-14.el7_5.4.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.4.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.4.i686.rpm libvirt-libs-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: libvirt-3.9.0-14.el7_5.4.src.rpm ppc64le: libvirt-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-client-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-devel-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-docs-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-libs-3.9.0-14.el7_5.4.ppc64le.rpm s390x: libvirt-3.9.0-14.el7_5.4.s390x.rpm libvirt-client-3.9.0-14.el7_5.4.s390.rpm libvirt-client-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390x.rpm libvirt-devel-3.9.0-14.el7_5.4.s390.rpm libvirt-devel-3.9.0-14.el7_5.4.s390x.rpm libvirt-docs-3.9.0-14.el7_5.4.s390x.rpm libvirt-libs-3.9.0-14.el7_5.4.s390.rpm libvirt-libs-3.9.0-14.el7_5.4.s390x.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libvirt-admin-3.9.0-14.el7_5.4.ppc64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.ppc64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.ppc64.rpm libvirt-login-shell-3.9.0-14.el7_5.4.ppc64.rpm libvirt-nss-3.9.0-14.el7_5.4.ppc.rpm libvirt-nss-3.9.0-14.el7_5.4.ppc64.rpm ppc64le: libvirt-admin-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-login-shell-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-nss-3.9.0-14.el7_5.4.ppc64le.rpm s390x: libvirt-admin-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390x.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.s390x.rpm libvirt-login-shell-3.9.0-14.el7_5.4.s390x.rpm libvirt-nss-3.9.0-14.el7_5.4.s390.rpm libvirt-nss-3.9.0-14.el7_5.4.s390x.rpm x86_64: libvirt-admin-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.4.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.4.i686.rpm libvirt-nss-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): Source: libvirt-3.9.0-14.el7_5.4.src.rpm aarch64: libvirt-3.9.0-14.el7_5.4.aarch64.rpm libvirt-admin-3.9.0-14.el7_5.4.aarch64.rpm libvirt-client-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.aarch64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.aarch64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.aarch64.rpm libvirt-devel-3.9.0-14.el7_5.4.aarch64.rpm libvirt-docs-3.9.0-14.el7_5.4.aarch64.rpm libvirt-libs-3.9.0-14.el7_5.4.aarch64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.aarch64.rpm libvirt-login-shell-3.9.0-14.el7_5.4.aarch64.rpm libvirt-nss-3.9.0-14.el7_5.4.aarch64.rpm ppc64le: libvirt-admin-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-login-shell-3.9.0-14.el7_5.4.ppc64le.rpm libvirt-nss-3.9.0-14.el7_5.4.ppc64le.rpm s390x: libvirt-admin-3.9.0-14.el7_5.4.s390x.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.s390x.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.s390x.rpm libvirt-login-shell-3.9.0-14.el7_5.4.s390x.rpm libvirt-nss-3.9.0-14.el7_5.4.s390.rpm libvirt-nss-3.9.0-14.el7_5.4.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libvirt-3.9.0-14.el7_5.4.src.rpm x86_64: libvirt-3.9.0-14.el7_5.4.x86_64.rpm libvirt-client-3.9.0-14.el7_5.4.i686.rpm libvirt-client-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.4.i686.rpm libvirt-devel-3.9.0-14.el7_5.4.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.4.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.4.i686.rpm libvirt-libs-3.9.0-14.el7_5.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libvirt-admin-3.9.0-14.el7_5.4.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.4.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.4.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.4.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.4.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.4.i686.rpm libvirt-nss-3.9.0-14.el7_5.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-1064 https://access.redhat.com/security/cve/CVE-2018-5748 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBWvsEJdzjgjWX9erEAQgAtQ/8CPBoSbdFbZNWUV0pLf7RkeW2HYtsMena Hag4QsausBs0OCwZNnQwaJ/Y2OAq9GUb7V372eSVX0QBJfp73u0VpBz4N0biTWlF hSzHGD5y3HLwzvZY/4UxM81WrmGdMRqar3Y780SF5/5kQ7QnU2wbW9qpaVM4gBWO DQ3X3p1ML3coh1/zEwlRzwocm/5c4eyVCQJnUb798diSb3Tf5UTcipRh1jSeu3kw q3VaafMZlqLwApfTGV0WBg7Q9H/13va0MGnR+41bhZEK/IFgfKop8uK8evI66byk MzXErWIHWQ01BgG3xY26srtyGWRpu8m33mmjhqkvvfohkfajGpQTkRAYRf14I/dm Qujct+X4uzEg8VOEzNDw3GDskGTBaiTRG7SX5pST9W7mdjHFJ5oRBpSHqDxfoRAg zN9C2mZWJOuDsbgThPgi+LKg5shURsP0UoGmTMvDl12eopf1XX5PYh3/bcrHt5pf 0vKyfvnCL+xYeKoC1RCsAWxzjHNtm5Kf6pD3jJuW9BsBdoXkkziuj/igsvXcPcA3 U5osNu+gjIwl+xGKaKHjXBO3nngHw2IyqqsGfAej6rfHCETs0YD24O1AtpCvhFNB Y6/dilL17cq2+vNxfUMoaP1PwO8V+8SvWQKgN6p2NovEosFTHLe6LDJOVELLkxpp GrcrJ+m1JfI= =KjDD - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWvt2B4x+lLeg9Ub1AQjQTxAAkZ1QiqKcfhBjwtN059Q/khPUOfbwqSom kk3LCySPIBxRiGqtDaCLt/ZsLFVunbgDknxWtl5ol2KmVIUgty/Gbds3ndnOygLP 1bBUaVYo4eNB8FDh0dqiELx9OMa/xuzfBhvvy2uIR5MsMbhxCWgI7WhM0W55DsSL hJBJCGEtYq6xLi0TSpPeV4onKulLELttHW8m7rtgvClu8T5KY0qRsPSQcgJ52iyK m7eJIC5liCgubQPZ3MQ6lbLdKNbT1pNJ4HWqgZJ+XS1iO+jY/FHh3i7sUmDe1Bek vf1GkKNBD2Ix819kfYk5NRahZvXctXfzLhm7MpxFDwn+I9J2vNzRWCezvAtzuN+0 T+XblAKhfJaLRokstnL/2bRolZ+RcsQuRfwhK7bkXQvc9HeBLAkJZk9HjLYN3MpX /5j2D+jS5A36gxR6pVGpeZ6kM49LWqYuERGYSc3M6UjPK1KGRVQiZocWf5G642XB lXABtJLMqlDjHITSfSim+osUwpuQSH1Z1z7RvRASbuX0UX0MYAp4tyjrYBt42GJr tuWqriTOrK2UW+ZSqhhy/oN3y+O2Qca3HVmXmfka70UPj9KOYqCXYajWi6gFXUAg OgtFxyeE/LuwTt677N2OFc6WE5WzU692E57rFuoEqwLi3FP3y07rHn54XFHdGEn3 wA2QEgUa510= =QIsk -----END PGP SIGNATURE-----