Oracle Linux Security Advisory ELSA-2022-9668

https://linux.oracle.com/errata/ELSA-2022-9668.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unb=
reakable Linux Network:

aarch64:
libvirt-5.7.0-34.el7.aarch64.rpm
libvirt-bash-completion-5.7.0-34.el7.aarch64.rpm
libvirt-client-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-config-network-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-config-nwfilter-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-interface-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-lxc-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-network-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-nodedev-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-nwfilter-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-qemu-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-secret-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-core-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-disk-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-gluster-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-logical-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-mpath-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-rbd-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-driver-storage-scsi-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-kvm-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-qemu-5.7.0-34.el7.aarch64.rpm
libvirt-devel-5.7.0-34.el7.aarch64.rpm
libvirt-docs-5.7.0-34.el7.aarch64.rpm
libvirt-libs-5.7.0-34.el7.aarch64.rpm
libvirt-admin-5.7.0-34.el7.aarch64.rpm
libvirt-daemon-lxc-5.7.0-34.el7.aarch64.rpm
libvirt-lock-sanlock-5.7.0-34.el7.aarch64.rpm
libvirt-login-shell-5.7.0-34.el7.aarch64.rpm
libvirt-nss-5.7.0-34.el7.aarch64.rpm
python2-libvirt-5.7.0-34.el7.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol7/SRPMS-updates/libvirt-5.7.0-34.el7.src.rpm
https://oss.oracle.com/ol7/SRPMS-updates/libvirt-python-5.7.0-34.el7.src.rpm

Related CVEs:

CVE-2021-3975




Description of changes:

libvirt
[5.7.0-34.el7]
- qemu: blockcopy: Allow late opening of the backing chain of a shallow cop=
y (Peter Krempa)  [Orabug: 33091019]
- qemu: capabilities: Introduce QEMU_CAPS_BLOCKDEV_SNAPSHOT_ALLOW_WRITE_ONL=
Y (Peter Krempa)  [Orabug: 33091019]
- qemuDomainBlockCopyCommon: Record updated flags to block job (Peter Kremp=
a)  [Orabug: 33091019]
- qemuDomainBlockPivot: Move check prior to executing the pivot steps (Pete=
r Krempa)  [Orabug: 33091019]
- qemuDomainBlockPivot: Copy bitmaps backing checkpoints for virDomainBlock=
Copy (Peter Krempa)  [Orabug: 33091019]
- qemu: block: Introduce function to calculate bitmap handling for block-co=
py (Peter Krempa)  [Orabug: 33091019]
- qemu: block: Add validator for bitmap chains accross backing chains (Pete=
r Krempa)  [Orabug: 33091019]
- qemu: blockjob: Store 'flags' for all the block job types (Peter Krempa) =
 [Orabug: 33091019]
- qemu: blockjob: Store 'jobflags' with block job data (Peter Krempa)  [Ora=
bug: 33091019]
- util: json: Introduce virJSONValueArrayConcat (Peter Krempa)  [Orabug: 33=
091019]
- qemu: block: Extract calls of qemuBlockGetNamedNodeData into a helper fun=
ction (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Track and relabel images for bitmap merging (Peter Krem=
pa)  [Orabug: 33091019]
- qemu: checkpoint: Introduce support for deleting checkpoints accross snap=
shots (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Extract calculation of bitmap merging for checkpoint de=
letion (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Introduce helper to find checkpoint disk definition in =
parents (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: tolerate missing disks on checkpoint deletion (Peter Kr=
empa)  [Orabug: 33091019]
- qemu: checkpoint: Use disk definition directly when creating checkpoint (=
Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: rename disk->chkdisk in qemuCheckpointAddActions (Peter=
 Krempa)  [Orabug: 33091019]
- qemu: checkpoint: rename disk->chkdisk in qemuCheckpointDiscardBitmaps (P=
eter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: split out checkpoint deletion bitmaps (Peter Krempa)  [=
Orabug: 33091019]
- qemu: checkpoint: Store whether deleted checkpoint is current in a variab=
le (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Extract and export rollback of checkpoint metadata stor=
ing (Peter Krempa)  [Orabug: 33091019]
- qemu: block: Introduce qemuBlockNamedNodeDataGetBitmapByName (Peter Kremp=
a)  [Orabug: 33091019]
- qemu: snapshot: Propagate active bitmaps through external snapshots (Pete=
r Krempa)  [Orabug: 33091019]
- qemu: monitor: Add 'granularity' parameter for block-dirty-bitmap-add (Pe=
ter Krempa)  [Orabug: 33091019]
- qemu: snapshot: Fold formatting of snapshot transaction into prepare func=
 (Peter Krempa)  [Orabug: 33091019]
- qemu: Check for explicit failure of qemuBlockSnapshotAddBlockdev (Peter K=
rempa)  [Orabug: 33091019]
- qemu: monitor: Extract internals of qemuMonitorJSONBlockGetNamedNodeData =
(Peter Krempa)  [Orabug: 33091019]
- qemu: monitor: Extract data about dirty-bimaps in qemuMonitorBlockGetName=
dNodeData (Peter Krempa)  [Orabug: 33091019]
- qemu: block: enable the snapshot image deletion feature (Pavel Mores)  [O=
rabug: 33091019]
- qemu: block: propagate the delete flag to where it can actually be used (=
Pavel Mores)  [Orabug: 33091019]
- qemu: checkpoint: fix NULL dereference at create time (Cole Robinson)  [O=
rabug: 33091019]
- qemu: snapshot: Mark file becoming backingStore as read-only (Peter Kremp=
a)  [Orabug: 33091019]
- util: consolidate on one free callback for hash data (Daniel P. Berrang=
=E9)  [Orabug: 33091019]
- conf: stop using hash key when free'ing hash entries (Daniel P. Berrang=
=E9)  [Orabug: 33091019]
- qemu: checkpoint: Use qemuMonitorTransactionBitmapMergeSourceAddBitmap (P=
eter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Fix rollback and access to unlocked 'vm' when deleting =
checkpoints (Peter Krempa)  [Orabug: 33091019]
- qemu: snapshot: split out preparation of a snapshot with blockdev (Peter =
Krempa)  [Orabug: 33091019]
- qemu: monitor: Add helper for generating data for block bitmap merging (P=
eter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Extract finalizing steps of checkpoint creation (Peter =
Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Split out checkpoint creation code (Peter Krempa)  [Ora=
bug: 33091019]
- qemu: block: Don't query monitor in qemuBlockStorageSourceCreateDetectSiz=
e (Peter Krempa)  [Orabug: 33091019]
- qemu: monitor: Introduce new interface to query-named-block-nodes (Peter =
Krempa)  [Orabug: 33091019]
- util: hash: Introduce virHashHasEntry (Peter Krempa)  [Orabug: 33091019]
- util: hash: Add new constructor 'virHashNew' (Peter Krempa)  [Orabug: 330=
91019]
- util: hash: Add possibility to use simpler data free function in virHash =
(Peter Krempa)  [Orabug: 33091019]
- conf: Introduce virDomainDiskByTarget (Peter Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Don't update current checkpoint until we are done (Pete=
r Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Replace open-coded transaction action generators (Peter=
 Krempa)  [Orabug: 33091019]
- qemu: checkpoint: Refactor cleanup in qemuCheckpointCreateXML (Peter Krem=
pa)  [Orabug: 33091019]
- qemu: domain: Move checkpoint related code to qemu_checkpoint.c (Peter Kr=
empa)  [Orabug: 33091019]
- qemu: driver: Move checkpoint-related code to qemu_checkpoint.c (Peter Kr=
empa)  [Orabug: 33091019]
- qemu: Move, rename and export qemuDomObjFromDomain (Peter Krempa)  [Orabu=
g: 33091019]
- qemu: checkpoint: Don't forbid checkpoint when VM is marked for autodestr=
oy (Peter Krempa)  [Orabug: 33091019]
- Prepare to hotplug vNUMA targets for non-X86_64 guests (Wim ten Have)  [O=
rabug: 34256070]
- qemu: Add missing lock in qemuProcessHandleMonitorEOF (Peng Liang)  [Orab=
ug: 34210159]  {CVE-2021-3975}
- libvirt: Fix Auto host partitioning threads under single-socket hosts (Wi=
m ten Have)  [Orabug: 34153152]

libvirt-python
[5.7.0-34.el7]
- libvirt-python.spec: Bump "Obsoletes" version number for libvirt-python (=
Karl
  Heubaum)  [Orabug: 34185868]


_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2022-9668: libvirt Important Security Update

Summary

Description of changes: libvirt [5.7.0-34.el7] - qemu: blockcopy: Allow late opening of the backing chain of a shallow cop= y (Peter Krempa) [Orabug: 33091019] - qemu: capabilities: Introduce QEMU_CAPS_BLOCKDEV_SNAPSHOT_ALLOW_WRITE_ONL= Y (Peter Krempa) [Orabug: 33091019] - qemuDomainBlockCopyCommon: Record updated flags to block job (Peter Kremp= a) [Orabug: 33091019] - qemuDomainBlockPivot: Move check prior to executing the pivot steps (Pete= r Krempa) [Orabug: 33091019] - qemuDomainBlockPivot: Copy bitmaps backing checkpoints for virDomainBlock= Copy (Peter Krempa) [Orabug: 33091019] - qemu: block: Introduce function to calculate bitmap handling for block-co= py (Peter Krempa) [Orabug: 33091019] - qemu: block: Add validator for bitmap chains accross backing chains (Pete= r Krempa) [Orabug: 33091019] - qemu: blockjob: Store 'flags' for all the block job types (Peter Krempa) = [Orabug: 33091019] - qemu: blockjob: Store 'jobflags' with block job data (Peter Krempa) [Ora= bug: 33091019] - util: json: Introduce virJSONValueArrayConcat (Peter Krempa) [Orabug: 33= 091019] - qemu: block: Extract calls of qemuBlockGetNamedNodeData into a helper fun= ction (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Track and relabel images for bitmap merging (Peter Krem= pa) [Orabug: 33091019] - qemu: checkpoint: Introduce support for deleting checkpoints accross snap= shots (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Extract calculation of bitmap merging for checkpoint de= letion (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Introduce helper to find checkpoint disk definition in = parents (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: tolerate missing disks on checkpoint deletion (Peter Kr= empa) [Orabug: 33091019] - qemu: checkpoint: Use disk definition directly when creating checkpoint (= Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: rename disk->chkdisk in qemuCheckpointAddActions (Peter= Krempa) [Orabug: 33091019] - qemu: checkpoint: rename disk->chkdisk in qemuCheckpointDiscardBitmaps (P= eter Krempa) [Orabug: 33091019] - qemu: checkpoint: split out checkpoint deletion bitmaps (Peter Krempa) [= Orabug: 33091019] - qemu: checkpoint: Store whether deleted checkpoint is current in a variab= le (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Extract and export rollback of checkpoint metadata stor= ing (Peter Krempa) [Orabug: 33091019] - qemu: block: Introduce qemuBlockNamedNodeDataGetBitmapByName (Peter Kremp= a) [Orabug: 33091019] - qemu: snapshot: Propagate active bitmaps through external snapshots (Pete= r Krempa) [Orabug: 33091019] - qemu: monitor: Add 'granularity' parameter for block-dirty-bitmap-add (Pe= ter Krempa) [Orabug: 33091019] - qemu: snapshot: Fold formatting of snapshot transaction into prepare func= (Peter Krempa) [Orabug: 33091019] - qemu: Check for explicit failure of qemuBlockSnapshotAddBlockdev (Peter K= rempa) [Orabug: 33091019] - qemu: monitor: Extract internals of qemuMonitorJSONBlockGetNamedNodeData = (Peter Krempa) [Orabug: 33091019] - qemu: monitor: Extract data about dirty-bimaps in qemuMonitorBlockGetName= dNodeData (Peter Krempa) [Orabug: 33091019] - qemu: block: enable the snapshot image deletion feature (Pavel Mores) [O= rabug: 33091019] - qemu: block: propagate the delete flag to where it can actually be used (= Pavel Mores) [Orabug: 33091019] - qemu: checkpoint: fix NULL dereference at create time (Cole Robinson) [O= rabug: 33091019] - qemu: snapshot: Mark file becoming backingStore as read-only (Peter Kremp= a) [Orabug: 33091019] - util: consolidate on one free callback for hash data (Daniel P. Berrang= =E9) [Orabug: 33091019] - conf: stop using hash key when free'ing hash entries (Daniel P. Berrang= =E9) [Orabug: 33091019] - qemu: checkpoint: Use qemuMonitorTransactionBitmapMergeSourceAddBitmap (P= eter Krempa) [Orabug: 33091019] - qemu: checkpoint: Fix rollback and access to unlocked 'vm' when deleting = checkpoints (Peter Krempa) [Orabug: 33091019] - qemu: snapshot: split out preparation of a snapshot with blockdev (Peter = Krempa) [Orabug: 33091019] - qemu: monitor: Add helper for generating data for block bitmap merging (P= eter Krempa) [Orabug: 33091019] - qemu: checkpoint: Extract finalizing steps of checkpoint creation (Peter = Krempa) [Orabug: 33091019] - qemu: checkpoint: Split out checkpoint creation code (Peter Krempa) [Ora= bug: 33091019] - qemu: block: Don't query monitor in qemuBlockStorageSourceCreateDetectSiz= e (Peter Krempa) [Orabug: 33091019] - qemu: monitor: Introduce new interface to query-named-block-nodes (Peter = Krempa) [Orabug: 33091019] - util: hash: Introduce virHashHasEntry (Peter Krempa) [Orabug: 33091019] - util: hash: Add new constructor 'virHashNew' (Peter Krempa) [Orabug: 330= 91019] - util: hash: Add possibility to use simpler data free function in virHash = (Peter Krempa) [Orabug: 33091019] - conf: Introduce virDomainDiskByTarget (Peter Krempa) [Orabug: 33091019] - qemu: checkpoint: Don't update current checkpoint until we are done (Pete= r Krempa) [Orabug: 33091019] - qemu: checkpoint: Replace open-coded transaction action generators (Peter= Krempa) [Orabug: 33091019] - qemu: checkpoint: Refactor cleanup in qemuCheckpointCreateXML (Peter Krem= pa) [Orabug: 33091019] - qemu: domain: Move checkpoint related code to qemu_checkpoint.c (Peter Kr= empa) [Orabug: 33091019] - qemu: driver: Move checkpoint-related code to qemu_checkpoint.c (Peter Kr= empa) [Orabug: 33091019] - qemu: Move, rename and export qemuDomObjFromDomain (Peter Krempa) [Orabu= g: 33091019] - qemu: checkpoint: Don't forbid checkpoint when VM is marked for autodestr= oy (Peter Krempa) [Orabug: 33091019] - Prepare to hotplug vNUMA targets for non-X86_64 guests (Wim ten Have) [O= rabug: 34256070] - qemu: Add missing lock in qemuProcessHandleMonitorEOF (Peng Liang) [Orab= ug: 34210159] {CVE-2021-3975} - libvirt: Fix Auto host partitioning threads under single-socket hosts (Wi= m ten Have) [Orabug: 34153152] libvirt-python [5.7.0-34.el7] - libvirt-python.spec: Bump "Obsoletes" version number for libvirt-python (= Karl Heubaum) [Orabug: 34185868]

i386

x86_64

SRPMS

https://oss.oracle.com/ol7/SRPMS-updates/libvirt-5.7.0-34.el7.src.rpm https://oss.oracle.com/ol7/SRPMS-updates/libvirt-python-5.7.0-34.el7.src.rpm

Severity

Related CVEs: CVE-2021-3975

What Are You Looking For?

Popular Tags

Oracle7: ELSA-2022-9668: libvirt Important Security Update

Summary

i386

x86_64

SRPMS

News

Advisories

HOWTOs

Features

An Enterprise’s Guide To Strengthening Linux Cloud Security

Keeping Your Private Files Private: An Introduction to GNU Privacy Guard

Complete Guide to Ethical Hacking

Authoritative Guide on Linux Disk Encryption

Linux Database Security Tips

About Us

Powered By

What Are You Looking For?

Popular Tags

Oracle7: ELSA-2022-9668: libvirt Important Security Update

Summary

i386

x86_64

SRPMS

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

An Enterprise’s Guide To Strengthening Linux Cloud Security

Keeping Your Private Files Private: An Introduction to GNU Privacy Guard

Complete Guide to Ethical Hacking

Authoritative Guide on Linux Disk Encryption

Linux Database Security Tips

About Us

Powered By