SUSE: 2020:1289-1 Critical Update: Resolution for Libvirt Daemon Crash
suse
May 15, 2020
An update that solves one vulnerability and has 6 fixes is now available
Summary
This update for libvirt fixes the following issues: Security issue fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths (bsc#1168683). Non-security issues fixed: - apparmor: avoid copying empty profile name (bsc#1149100). - logging: ensure virtlogd rollover takes priority over logrotate (bsc#1137137). - qemu: Add support for overriding max threads per process limit (bsc#1133719). - util: fix copying bitmap to larger data buffer (bsc#1138734). - virsh: support for setting precopy bandwidth in migrate (bsc#1145586). - virsh: use upstream name for migration precopy bandwidth parameter (bsc#1145586). - virt-create-rootfs: add SLE 15 and SLE 12 service packs support (bsc#1154093). Patch Instructions:
Topics Covered
References
#1133719 #1137137 #1138734 #1145586 #1149100
#1154093 #1168683
Cross- CVE-2020-10703
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP4
SUSE Linux Enterprise Server 12-SP4
https://www.suse.com/security/cve/CVE-2020-10703.html
https://bugzilla.suse.com/1133719
https://bugzilla.suse.com/1137137
https://bugzilla.suse.com/1138734
https://bugzilla.suse.com/1145586
https://bugzilla.suse.com/1149100
https://bugzilla.suse.com/1154093
https://bugzilla.suse.com/1168683
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:1289-1
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!