libvirt-4.5.0-36.el7_9.3.x86_64
[202 KiB] |
Changelog
by Jiri Denemark (2020-10-20):
- rpc: gendispatch: handle empty flags (CVE-2020-25637)
- rpc: add support for filtering @acls by uint params (CVE-2020-25637)
- rpc: require write acl for guest agent in virDomainInterfaceAddresses (CVE-2020-25637)
- qemu: agent: set ifname to NULL after freeing (CVE-2020-25637)
- conf: properly clear out autogenerated macvtap names when formatting/parsing (rhbz#1868549)
|
libvirt-4.5.0-36.el7.x86_64
[200 KiB] |
Changelog
by Jiri Denemark (2020-05-13):
- virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support (rhbz#1823976)
- virDevMapperGetTargetsImpl: quit early if device is not a devmapper target (rhbz#1823976)
|
libvirt-4.5.0-23.el7.x86_64
[195 KiB] |
Changelog
by Jiri Denemark (2019-06-20):
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)
|
libvirt-4.5.0-10.el7_6.12.x86_64
[184 KiB] |
Changelog
by Jiri Denemark (2019-06-18):
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)
|
libvirt-4.5.0-10.el7_6.10.x86_64
[184 KiB] |
Changelog
by Jiri Denemark (2019-05-16):
- virnwfilterbindingobj: Introduce and use virNWFilterBindingObjStealDef (rhbz#1702173)
- admin: reject clients unless their UID matches the current UID (CVE-2019-10132)
- locking: restrict sockets to mode 0600 (CVE-2019-10132)
- logging: restrict sockets to mode 0600 (CVE-2019-10132)
|
libvirt-4.5.0-10.el7_6.9.x86_64
[183 KiB] |
Changelog
by Jiri Denemark (2019-04-16):
- qemu: Don't cache microcode version (CVE-2018-12127, CVE-2018-12126, CVE-2018-12130)
|
libvirt-4.5.0-10.el7.x86_64
[179 KiB] |
Changelog
by Jiri Denemark (2018-09-18):
- conf: correct false boot order error during domain parse (rhbz#1601318)
|
libvirt-3.9.0-14.el7_5.6.x86_64
[172 KiB] |
Changelog
by Jiri Denemark (2018-06-05):
- logging: Don't inhibit shutdown in system daemon (rhbz#1573268)
- util: don't check for parallel iteration in hash-related functions (rhbz#1581364)
- cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
- virNumaGetHugePageInfo: Return page_avail and page_free as ULL (rhbz#1582418)
|
libvirt-3.9.0-14.el7_5.5.x86_64
[172 KiB] |
Changelog
by Jiri Denemark (2018-05-10):
- cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
|
libvirt-3.9.0-14.el7_5.4.x86_64
[172 KiB] |
Changelog
by Jiri Denemark (2018-04-13):
- lxc: Drop useless check in live device update (rhbz#1557922)
- Pass oldDev to virDomainDefCompatibleDevice on device update (rhbz#1557922)
- qemu: Fix updating device with boot order (rhbz#1557922)
- conf: Fix crash in virDomainDefCompatibleDevice (rhbz#1557922)
- vmx: check for present/enabled devices earlier (rhbz#1566524)
- vmx: allocate space for network interfaces if needed (rhbz#1566524)
- internal: add STRCASEPREFIX (rhbz#1566524)
- vmx: convert any amount of NICs (rhbz#1566524)
- qemu: Use dynamic buffer for storing PTY aliases (rhbz#1566525)
- qemu: avoid denial of service reading from QEMU monitor (CVE-2018-5748) (CVE-2018-5748)
- qemu: avoid denial of service reading from QEMU guest agent (CVE-2018-1064) (CVE-2018-1064)
|
libvirt-3.2.0-14.el7_4.7.x86_64
[157 KiB] |
Changelog
by Jiri Denemark (2017-12-19):
- qemu: Properly store microcode version in QEMU caps cache (CVE-2017-5715)
|
libvirt-2.0.0-10.el7.x86_64
[135 KiB] |
Changelog
by Jiri Denemark (2016-09-21):
- virtlogd: Don't stop or restart along with libvirtd (rhbz#1372576)
|
libvirt-1.2.8-16.el7.x86_64
[94 KiB] |
Changelog
by Jiri Denemark (2015-01-28):
- qemu: don't setup cpuset.mems if memory mode in numatune is not 'strict' (rhbz#1186094)
- lxc: don't setup cpuset.mems if memory mode in numatune is not 'strict' (rhbz#1186094)
|
libvirt-1.1.1-29.el7_0.4.x86_64
[69 KiB] |
Changelog
by Jiri Denemark (2014-12-09):
- qemu: blockcopy: Don't remove existing disk mirror info (rhbz#1149078)
- qemu: copy: Accept 'format' parameter when copying to a non-existing img (rhbz#1149078)
- qemu: reject rather than hang on blockcommit of active layer (rhbz#1150379)
- CVE-2014-7823: dumpxml: security hole with migratable flag (CVE-2014-7823)
- Fix crash when saving a domain with type none dac label (rhbz#1171124)
|
libvirt-1.1.1-29.el7_0.3.x86_64
[69 KiB] |
Changelog
by Jiri Denemark (2014-09-23):
- domain_conf: fix domain deadlock (CVE-2014-3657)
|
libvirt-1.1.1-29.el7_0.1.x86_64
[69 KiB] |
Changelog
by Jiri Denemark (2014-07-03):
- LSN-2014-0003: Don't expand entities when parsing XML (CVE-2014-0179)
- virNetClientSetTLSSession: Restore original signal mask (rhbz#1112689)
- Don't use AI_ADDRCONFIG when binding to wildcard addresses (rhbz#1112692)
- qemu: Unlock the NWFilter update lock by leaving via the cleanup label (rhbz#1112690)
|