libvirt-daemon-4.5.0-36.el7_9.3.x86_64
[810 KiB] |
Changelog
by Jiri Denemark (2020-10-20):
- rpc: gendispatch: handle empty flags (CVE-2020-25637)
- rpc: add support for filtering @acls by uint params (CVE-2020-25637)
- rpc: require write acl for guest agent in virDomainInterfaceAddresses (CVE-2020-25637)
- qemu: agent: set ifname to NULL after freeing (CVE-2020-25637)
- conf: properly clear out autogenerated macvtap names when formatting/parsing (rhbz#1868549)
|
libvirt-daemon-4.5.0-36.el7.x86_64
[808 KiB] |
Changelog
by Jiri Denemark (2020-05-13):
- virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support (rhbz#1823976)
- virDevMapperGetTargetsImpl: quit early if device is not a devmapper target (rhbz#1823976)
|
libvirt-daemon-4.5.0-23.el7.x86_64
[805 KiB] |
Changelog
by Jiri Denemark (2019-06-20):
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)
|
libvirt-daemon-4.5.0-10.el7_6.12.x86_64
[795 KiB] |
Changelog
by Jiri Denemark (2019-06-18):
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)
|
libvirt-daemon-4.5.0-10.el7_6.10.x86_64
[828 KiB] |
Changelog
by Jiri Denemark (2019-05-16):
- virnwfilterbindingobj: Introduce and use virNWFilterBindingObjStealDef (rhbz#1702173)
- admin: reject clients unless their UID matches the current UID (CVE-2019-10132)
- locking: restrict sockets to mode 0600 (CVE-2019-10132)
- logging: restrict sockets to mode 0600 (CVE-2019-10132)
|
libvirt-daemon-4.5.0-10.el7_6.9.x86_64
[828 KiB] |
Changelog
by Jiri Denemark (2019-04-16):
- qemu: Don't cache microcode version (CVE-2018-12127, CVE-2018-12126, CVE-2018-12130)
|
libvirt-daemon-4.5.0-10.el7.x86_64
[786 KiB] |
Changelog
by Jiri Denemark (2018-09-18):
- conf: correct false boot order error during domain parse (rhbz#1601318)
|
libvirt-daemon-3.9.0-14.el7_5.6.x86_64
[811 KiB] |
Changelog
by Jiri Denemark (2018-06-05):
- logging: Don't inhibit shutdown in system daemon (rhbz#1573268)
- util: don't check for parallel iteration in hash-related functions (rhbz#1581364)
- cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
- virNumaGetHugePageInfo: Return page_avail and page_free as ULL (rhbz#1582418)
|
libvirt-daemon-3.9.0-14.el7_5.5.x86_64
[811 KiB] |
Changelog
by Jiri Denemark (2018-05-10):
- cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
|
libvirt-daemon-3.9.0-14.el7_5.4.x86_64
[810 KiB] |
Changelog
by Jiri Denemark (2018-04-13):
- lxc: Drop useless check in live device update (rhbz#1557922)
- Pass oldDev to virDomainDefCompatibleDevice on device update (rhbz#1557922)
- qemu: Fix updating device with boot order (rhbz#1557922)
- conf: Fix crash in virDomainDefCompatibleDevice (rhbz#1557922)
- vmx: check for present/enabled devices earlier (rhbz#1566524)
- vmx: allocate space for network interfaces if needed (rhbz#1566524)
- internal: add STRCASEPREFIX (rhbz#1566524)
- vmx: convert any amount of NICs (rhbz#1566524)
- qemu: Use dynamic buffer for storing PTY aliases (rhbz#1566525)
- qemu: avoid denial of service reading from QEMU monitor (CVE-2018-5748) (CVE-2018-5748)
- qemu: avoid denial of service reading from QEMU guest agent (CVE-2018-1064) (CVE-2018-1064)
|
libvirt-daemon-3.2.0-14.el7_4.7.x86_64
[765 KiB] |
Changelog
by Jiri Denemark (2017-12-19):
- qemu: Properly store microcode version in QEMU caps cache (CVE-2017-5715)
|