Synopsis: Moderate: libvirt security update
Advisory ID: SLSA-2019:1578-1
Issue Date: 2019-06-20
CVE Numbers: CVE-2019-10161
—
Security Fix(es):
* libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
(CVE-2019-10161)
* libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
(CVE-2019-10166)
* libvirt: arbitrary command execution via virConnectGetDomainCapabilities
API (CVE-2019-10167)
* libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU
and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)
—
SL6
x86_64
libvirt-0.10.2-64.el6_10.2.x86_64.rpm
libvirt-client-0.10.2-64.el6_10.2.i686.rpm
libvirt-client-0.10.2-64.el6_10.2.x86_64.rpm
libvirt-debuginfo-0.10.2-64.el6_10.2.i686.rpm
libvirt-debuginfo-0.10.2-64.el6_10.2.x86_64.rpm
libvirt-python-0.10.2-64.el6_10.2.x86_64.rpm
libvirt-devel-0.10.2-64.el6_10.2.i686.rpm
libvirt-devel-0.10.2-64.el6_10.2.x86_64.rpm
libvirt-lock-sanlock-0.10.2-64.el6_10.2.x86_64.rpm
i386
libvirt-0.10.2-64.el6_10.2.i686.rpm
libvirt-client-0.10.2-64.el6_10.2.i686.rpm
libvirt-debuginfo-0.10.2-64.el6_10.2.i686.rpm
libvirt-python-0.10.2-64.el6_10.2.i686.rpm
libvirt-devel-0.10.2-64.el6_10.2.i686.rpm
– Scientific Linux Development Team
