Oracle Linux Security Advisory ELSA-2022-9668

https://linux.oracle.com/errata/ELSA-2022-9668.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unb=
reakable Linux Network:

aarch64:
libvirt-5.7.0-34.el7.aarch64.rpm
libvirt-bash-completion-5.7.0-34.el7.aarch64.rpm
libvirt-client-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-config-network-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-config-nwfilter-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-interface-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-lxc-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-network-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-nodedev-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-nwfilter-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-qemu-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-secret-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-core-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-disk-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-gluster-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-logical-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-mpath-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-rbd-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-scsi-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-kvm-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-qemu-5.7.0-34.el7.aarch64.rpm
libvirt-devel-5.7.0-34.el7.aarch64.rpm
libvirt-docs-5.7.0-34.el7.aarch64.rpm
libvirt-libs-5.7.0-34.el7.aarch64.rpm
libvirt-admin-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-lxc-5.7.0-34.el7.aarch64.rpm
libvirt-lock-sanlock-5.7.0-34.el7.aarch64.rpm
libvirt-login-shell-5.7.0-34.el7.aarch64.rpm
libvirt-nss-5.7.0-34.el7.aarch64.rpm
python2-libvirt-5.7.0-34.el7.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol7/SRPMS-updates/libvirt-5.7.0-34.el7.src.rpm
https://oss.oracle.com/ol7/SRPMS-updates/libvirt-python-5.7.0-34.el7.src.rpm

Related CVEs:

CVE-2021-3975




Description of changes:

libvirt
[5.7.0-34.el7]
- qemu: blockcopy: Allow late opening of the backing chain of a shallow cop=
y (Peter Krempa)  [Orabug: 33091019]
- qemu: capabilities: Introduce QEMU_CAPS_BLOCKDEV_SNAPSHOT_ALLOW_WRITE_ONL=
Y (Peter Krempa)  [Orabug: 33091019]
- qemuDomainBlockCopyCommon: Record updated flags to block job (Peter Kremp=
a)  [Orabug: 33091019]
- qemuDomainBlockPivot: Move check prior to executing the pivot steps (Pete=
r Krempa)  [Orabug: 33091019]
- qemuDomainBlockPivot: Copy bitmaps backing checkpoints for virDomainBlock=
Copy (Peter Krempa)  [Orabug: 33091019]
- qemu: block: Introduce function to calculate bitmap handling for block-co=
py (Peter Krempa)  [Orabug: 33091019]
- qemu: block: Add validator for bitmap chains accross backing chains (Pete=
r Krempa)  [Orabug: 33091019]
- qemu: blockjob: Store 'flags' for all the block job types (Peter Krempa) =
 [Orabug: 33091019]
- qemu: blockjob: Store 'jobflags' with block job data (Peter Krempa)  [Ora=
bug: 33091019]
- util: json: Introduce virJSONValueArrayConcat (Peter Krempa)  [Orabug: 33=
091019]
- qemu: block: Extract calls of qemuBlockGetNamedNodeData into a helper fun=
ction (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Track and relabel images for bitmap merging (Peter Krem=
pa)  [Orabug: 33091019]
- qemu: checkpoint: Introduce support for deleting checkpoints accross snap=
shots (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Extract calculation of bitmap merging for checkpoint de=
letion (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Introduce helper to find checkpoint disk definition in =
parents (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: tolerate missing disks on checkpoint deletion (Peter Kr=
empa)  [Orabug: 33091019]
- qemu: checkpoint: Use disk definition directly when creating checkpoint (=
Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: rename disk->chkdisk in qemuCheckpointAddActions (Peter=
 Krempa)  [Orabug: 33091019]
- qemu: checkpoint: rename disk->chkdisk in qemuCheckpointDiscardBitmaps (P=
eter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: split out checkpoint deletion bitmaps (Peter Krempa)  [=
Orabug: 33091019]
- qemu: checkpoint: Store whether deleted checkpoint is current in a variab=
le (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Extract and export rollback of checkpoint metadata stor=
ing (Peter Krempa)  [Orabug: 33091019]
- qemu: block: Introduce qemuBlockNamedNodeDataGetBitmapByName (Peter Kremp=
a)  [Orabug: 33091019]
- qemu: snapshot: Propagate active bitmaps through external snapshots (Pete=
r Krempa)  [Orabug: 33091019]
- qemu: monitor: Add 'granularity' parameter for block-dirty-bitmap-add (Pe=
ter Krempa)  [Orabug: 33091019]
- qemu: snapshot: Fold formatting of snapshot transaction into prepare func=
 (Peter Krempa)  [Orabug: 33091019]
- qemu: Check for explicit failure of qemuBlockSnapshotAddBlockdev (Peter K=
rempa)  [Orabug: 33091019]
- qemu: monitor: Extract internals of qemuMonitorJSONBlockGetNamedNodeData =
(Peter Krempa)  [Orabug: 33091019]
- qemu: monitor: Extract data about dirty-bimaps in qemuMonitorBlockGetName=
dNodeData (Peter Krempa)  [Orabug: 33091019]
- qemu: block: enable the snapshot image deletion feature (Pavel Mores)  [O=
rabug: 33091019]
- qemu: block: propagate the delete flag to where it can actually be used (=
Pavel Mores)  [Orabug: 33091019]
- qemu: checkpoint: fix NULL dereference at create time (Cole Robinson)  [O=
rabug: 33091019]
- qemu: snapshot: Mark file becoming backingStore as read-only (Peter Kremp=
a)  [Orabug: 33091019]
- util: consolidate on one free callback for hash data (Daniel P. Berrang=
=E9)  [Orabug: 33091019]
- conf: stop using hash key when free'ing hash entries (Daniel P. Berrang=
=E9)  [Orabug: 33091019]
- qemu: checkpoint: Use qemuMonitorTransactionBitmapMergeSourceAddBitmap (P=
eter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Fix rollback and access to unlocked 'vm' when deleting =
checkpoints (Peter Krempa)  [Orabug: 33091019]
- qemu: snapshot: split out preparation of a snapshot with blockdev (Peter =
Krempa)  [Orabug: 33091019]
- qemu: monitor: Add helper for generating data for block bitmap merging (P=
eter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Extract finalizing steps of checkpoint creation (Peter =
Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Split out checkpoint creation code (Peter Krempa)  [Ora=
bug: 33091019]
- qemu: block: Don't query monitor in qemuBlockStorageSourceCreateDetectSiz=
e (Peter Krempa)  [Orabug: 33091019]
- qemu: monitor: Introduce new interface to query-named-block-nodes (Peter =
Krempa)  [Orabug: 33091019]
- util: hash: Introduce virHashHasEntry (Peter Krempa)  [Orabug: 33091019]
- util: hash: Add new constructor 'virHashNew' (Peter Krempa)  [Orabug: 330=
91019]
- util: hash: Add possibility to use simpler data free function in virHash =
(Peter Krempa)  [Orabug: 33091019]
- conf: Introduce virDomainDiskByTarget (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Don't update current checkpoint until we are done (Pete=
r Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Replace open-coded transaction action generators (Peter=
 Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Refactor cleanup in qemuCheckpointCreateXML (Peter Krem=
pa)  [Orabug: 33091019]
- qemu: domain: Move checkpoint related code to qemu_checkpoint.c (Peter Kr=
empa)  [Orabug: 33091019]
- qemu: driver: Move checkpoint-related code to qemu_checkpoint.c (Peter Kr=
empa)  [Orabug: 33091019]
- qemu: Move, rename and export qemuDomObjFromDomain (Peter Krempa)  [Orabu=
g: 33091019]
- qemu: checkpoint: Don't forbid checkpoint when VM is marked for autodestr=
oy (Peter Krempa)  [Orabug: 33091019]
- Prepare to hotplug vNUMA targets for non-X86_64 guests (Wim ten Have)  [O=
rabug: 34256070]
- qemu: Add missing lock in qemuProcessHandleMonitorEOF (Peng Liang)  [Orab=
ug: 34210159]  {CVE-2021-3975}
- libvirt: Fix Auto host partitioning threads under single-socket hosts (Wi=
m ten Have)  [Orabug: 34153152]

libvirt-python
[5.7.0-34.el7]
- libvirt-python.spec: Bump "Obsoletes" version number for libvirt-python (=
Karl
  Heubaum)  [Orabug: 34185868]


_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2022-9668: libvirt Important Security Update

Summary

Description of changes: libvirt [5.7.0-34.el7] - qemu: blockcopy: Allow late opening of the backing chain of a shallow cop= y (Peter Krempa) [Orabug: 33091019] - qemu: capabilities: Introduce QEMU_CAPS_BLOCKDEV_SNAPSHOT_ALLOW_WRITE_ONL= Y (Peter Krempa) [Orabug: 33091019] - qemuDomainBlockCopyCommon: Record updated flags to block job (Peter Kremp= a) [Orabug: 33091019] - qemuDomainBlockPivot: Move check prior to executing the pivot steps (Pete= r Krempa) [Orabug: 33091019] - qemuDomainBlockPivot: Copy bitmaps backing checkpoints for virDomainBlock= Copy (Peter Krempa) [Orabug: 33091019] - qemu: block: Introduce function to calculate bitmap handling for block-co= py (Peter Krempa) [Orabug: 33091019] - qemu: block: Add validator for bitmap chains accross backing chains (Pete= r Krempa) [Orabug: 33091019] - qemu: blockjob: Store 'flags' for all the block job types (Peter Krempa) = [Orabug: 33091019] - qemu: blockjob: Store 'jobflags' with block job data (Peter Krempa) [Ora= bug: 33091019] - util: json: Introduce virJSONValueArrayConcat (Peter Krempa) [Orabug: 33= 091019] - qemu: block: Extract calls of qemuBlockGetNamedNodeData into a helper fun= ction (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Track and relabel images for bitmap merging (Peter Krem= pa) [Orabug: 33091019] - qemu: checkpoint: Introduce support for deleting checkpoints accross snap= shots (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Extract calculation of bitmap merging for checkpoint de= letion (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Introduce helper to find checkpoint disk definition in = parents (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: tolerate missing disks on checkpoint deletion (Peter Kr= empa) [Orabug: 33091019] - qemu: checkpoint: Use disk definition directly when creating checkpoint (= Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: rename disk->chkdisk in qemuCheckpointAddActions (Peter= Krempa) [Orabug: 33091019] - qemu: checkpoint: rename disk->chkdisk in qemuCheckpointDiscardBitmaps (P= eter Krempa) [Orabug: 33091019] - qemu: checkpoint: split out checkpoint deletion bitmaps (Peter Krempa) [= Orabug: 33091019] - qemu: checkpoint: Store whether deleted checkpoint is current in a variab= le (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Extract and export rollback of checkpoint metadata stor= ing (Peter Krempa) [Orabug: 33091019] - qemu: block: Introduce qemuBlockNamedNodeDataGetBitmapByName (Peter Kremp= a) [Orabug: 33091019] - qemu: snapshot: Propagate active bitmaps through external snapshots (Pete= r Krempa) [Orabug: 33091019] - qemu: monitor: Add 'granularity' parameter for block-dirty-bitmap-add (Pe= ter Krempa) [Orabug: 33091019] - qemu: snapshot: Fold formatting of snapshot transaction into prepare func= (Peter Krempa) [Orabug: 33091019] - qemu: Check for explicit failure of qemuBlockSnapshotAddBlockdev (Peter K= rempa) [Orabug: 33091019] - qemu: monitor: Extract internals of qemuMonitorJSONBlockGetNamedNodeData = (Peter Krempa) [Orabug: 33091019] - qemu: monitor: Extract data about dirty-bimaps in qemuMonitorBlockGetName= dNodeData (Peter Krempa) [Orabug: 33091019] - qemu: block: enable the snapshot image deletion feature (Pavel Mores) [O= rabug: 33091019] - qemu: block: propagate the delete flag to where it can actually be used (= Pavel Mores) [Orabug: 33091019] - qemu: checkpoint: fix NULL dereference at create time (Cole Robinson) [O= rabug: 33091019] - qemu: snapshot: Mark file becoming backingStore as read-only (Peter Kremp= a) [Orabug: 33091019] - util: consolidate on one free callback for hash data (Daniel P. Berrang= =E9) [Orabug: 33091019] - conf: stop using hash key when free'ing hash entries (Daniel P. Berrang= =E9) [Orabug: 33091019] - qemu: checkpoint: Use qemuMonitorTransactionBitmapMergeSourceAddBitmap (P= eter Krempa) [Orabug: 33091019] - qemu: checkpoint: Fix rollback and access to unlocked 'vm' when deleting = checkpoints (Peter Krempa) [Orabug: 33091019] - qemu: snapshot: split out preparation of a snapshot with blockdev (Peter = Krempa) [Orabug: 33091019] - qemu: monitor: Add helper for generating data for block bitmap merging (P= eter Krempa) [Orabug: 33091019] - qemu: checkpoint: Extract finalizing steps of checkpoint creation (Peter = Krempa) [Orabug: 33091019] - qemu: checkpoint: Split out checkpoint creation code (Peter Krempa) [Ora= bug: 33091019] - qemu: block: Don't query monitor in qemuBlockStorageSourceCreateDetectSiz= e (Peter Krempa) [Orabug: 33091019] - qemu: monitor: Introduce new interface to query-named-block-nodes (Peter = Krempa) [Orabug: 33091019] - util: hash: Introduce virHashHasEntry (Peter Krempa) [Orabug: 33091019] - util: hash: Add new constructor 'virHashNew' (Peter Krempa) [Orabug: 330= 91019] - util: hash: Add possibility to use simpler data free function in virHash = (Peter Krempa) [Orabug: 33091019] - conf: Introduce virDomainDiskByTarget (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Don't update current checkpoint until we are done (Pete= r Krempa) [Orabug: 33091019] - qemu: checkpoint: Replace open-coded transaction action generators (Peter= Krempa) [Orabug: 33091019] - qemu: checkpoint: Refactor cleanup in qemuCheckpointCreateXML (Peter Krem= pa) [Orabug: 33091019] - qemu: domain: Move checkpoint related code to qemu_checkpoint.c (Peter Kr= empa) [Orabug: 33091019] - qemu: driver: Move checkpoint-related code to qemu_checkpoint.c (Peter Kr= empa) [Orabug: 33091019] - qemu: Move, rename and export qemuDomObjFromDomain (Peter Krempa) [Orabu= g: 33091019] - qemu: checkpoint: Don't forbid checkpoint when VM is marked for autodestr= oy (Peter Krempa) [Orabug: 33091019] - Prepare to hotplug vNUMA targets for non-X86_64 guests (Wim ten Have) [O= rabug: 34256070] - qemu: Add missing lock in qemuProcessHandleMonitorEOF (Peng Liang) [Orab= ug: 34210159] {CVE-2021-3975} - libvirt: Fix Auto host partitioning threads under single-socket hosts (Wi= m ten Have) [Orabug: 34153152] libvirt-python [5.7.0-34.el7] - libvirt-python.spec: Bump "Obsoletes" version number for libvirt-python (= Karl Heubaum) [Orabug: 34185868]

i386

x86_64

SRPMS

https://oss.oracle.com/ol7/SRPMS-updates/libvirt-5.7.0-34.el7.src.rpm https://oss.oracle.com/ol7/SRPMS-updates/libvirt-python-5.7.0-34.el7.src.rpm

Severity

Related CVEs: CVE-2021-3975

Advisories

What Are You Looking For?

Popular Tags

Oracle7: ELSA-2022-9668: libvirt Important Security Update

Summary

i386

x86_64

SRPMS

News

Advisories

HOWTOs

Features

Open-Source VPN Protocols Compared: Why WireGuard is on the Rise!

Open Source OSINT Tools and Techniques

The Story Behind the Linux Security Quick Reference Guide

Benefits & Drawbacks of Using a VPN on Linux

How a WAF Could Improve the Security of Your Linux Web Applications

About Us

Powered By

Advisories

What Are You Looking For?

Popular Tags

Oracle7: ELSA-2022-9668: libvirt Important Security Update

Summary

i386

x86_64

SRPMS

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

Open-Source VPN Protocols Compared: Why WireGuard is on the Rise!

Open Source OSINT Tools and Techniques

The Story Behind the Linux Security Quick Reference Guide

Benefits & Drawbacks of Using a VPN on Linux

How a WAF Could Improve the Security of Your Linux Web Applications

About Us

Powered By