Synopsis: Moderate: libguestfs and virt-p2v security, bug fix, and enhancement update
Advisory ID: SLSA-2016:2576-2
Issue Date: 2016-11-03
CVE Numbers: CVE-2015-8869
—
Virt-p2v is a tool for conversion of a physical server to a virtual guest.
The following packages have been upgraded to a newer upstream version:
libguestfs (1.32.7), virt-p2v (1.32.7).
Security Fix(es):
* An integer conversion flaw was found in the way OCaml’s String handled
its length. Certain operations on an excessively long String could trigger
a buffer overflow or result in an information leak. (CVE-2015-8869)
Note: The libguestfs packages in this advisory were rebuilt with a fixed
version of OCaml to address this issue.
Additional Changes:
—
SL7
x86_64
libguestfs-1.32.7-3.el7.x86_64.rpm
libguestfs-debuginfo-1.32.7-3.el7.x86_64.rpm
libguestfs-java-1.32.7-3.el7.x86_64.rpm
libguestfs-tools-c-1.32.7-3.el7.x86_64.rpm
libguestfs-xfs-1.32.7-3.el7.x86_64.rpm
perl-Sys-Guestfs-1.32.7-3.el7.x86_64.rpm
python-libguestfs-1.32.7-3.el7.x86_64.rpm
libguestfs-devel-1.32.7-3.el7.x86_64.rpm
libguestfs-gfs2-1.32.7-3.el7.x86_64.rpm
libguestfs-gobject-1.32.7-3.el7.x86_64.rpm
libguestfs-gobject-devel-1.32.7-3.el7.x86_64.rpm
libguestfs-java-devel-1.32.7-3.el7.x86_64.rpm
libguestfs-rescue-1.32.7-3.el7.x86_64.rpm
libguestfs-rsync-1.32.7-3.el7.x86_64.rpm
lua-guestfs-1.32.7-3.el7.x86_64.rpm
ocaml-libguestfs-1.32.7-3.el7.x86_64.rpm
ocaml-libguestfs-devel-1.32.7-3.el7.x86_64.rpm
ruby-libguestfs-1.32.7-3.el7.x86_64.rpm
virt-dib-1.32.7-3.el7.x86_64.rpm
noarch
libguestfs-inspect-icons-1.32.7-3.el7.noarch.rpm
libguestfs-tools-1.32.7-3.el7.noarch.rpm
libguestfs-bash-completion-1.32.7-3.el7.noarch.rpm
libguestfs-gobject-doc-1.32.7-3.el7.noarch.rpm
libguestfs-javadoc-1.32.7-3.el7.noarch.rpm
libguestfs-man-pages-ja-1.32.7-3.el7.noarch.rpm
libguestfs-man-pages-uk-1.32.7-3.el7.noarch.rpm
– Scientific Linux Development Team
