SUSE: 2020:1250-1 Important: Libvirt Daemon Crash and Multiple Fixes
suse
May 11, 2020
An update that solves one vulnerability and has 5 fixes is now available
Summary
This update for libvirt fixes the following issues: Security issue fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths (bsc#1168683). Non-security issues fixed: - apparmor: avoid copying empty profile name (bsc#1149100). - logging: ensure virtlogd rollover takes priority over logrotate (bsc#1137137). - qemu: Add support for overriding max threads per process limit (bsc#1133719). - util: fix copying bitmap to larger data buffer (bsc#1138734). - virsh: support for setting precopy bandwidth in migrate (bsc#1145586). - virsh: use upstream name for migration precopy bandwidth parameter (bsc#1145586). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
#1133719 #1137137 #1138734 #1145586 #1149100
#1168683
Cross- CVE-2020-10703
Affected Products:
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-ESPOS
https://www.suse.com/security/cve/CVE-2020-10703.html
https://bugzilla.suse.com/1133719
https://bugzilla.suse.com/1137137
https://bugzilla.suse.com/1138734
https://bugzilla.suse.com/1145586
https://bugzilla.suse.com/1149100
https://bugzilla.suse.com/1168683
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:1250-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!