Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 22 Libvirt Security Update: Path Traversal and Disk Issues Fixed

fedora
Calendar Grey January 8, 2016
Dist Fedora Esm H88
Fedora 22 has deployed a critical security patch for Libvirt addressing vulnerabilities related to path traversal, alongside various other enhancements.
* Rebased to version 1.2.13.2 * disk backend is not removed properly when disk frontent hotplug fails (bz #1265968) * Fix TPM cancel path on newer kernels (bz #1244895) * Remove ti...

Summary

Libvirt is a C toolkit to interact with the virtualization capabilities

of recent versions of Linux (and other OSes). The main package includes

the libvirtd server exporting the virtualization support.

Update Information:

* Rebased to version 1.2.13.2 * disk backend is not removed properly when disk frontent hotplug fails (bz #1265968) * Fix TPM cancel path on newer kernels (bz #1244895) * Remove timeout for libvirt-guests.service (bz #1195544) * CVE-2015-5313 libvirt: filesystem storage volume names path traversal flaw (bz #1291433) * Fix VM names with non-ascii (bz #1062943) * Fix backwards migration with graphics listen address (bz #1276883)

Change Log

References


[ 1 ] Bug #1277121 - CVE-2015-5313 libvirt: filesystem storage volume names path traversal flaw https://bugzilla.redhat.com/show_bug.cgi?id=1277121

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update libvirt' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: libvirt
Product: Fedora 22
Version: 1.2.13.2
Release: 1.fc22
Summary: Library providing a simple virtualization API

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here