Skip to navigation

Security Advisory Moderate: libvirt security update

Advisory: RHSA-2011:0478-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-05-02
Last updated on: 2011-05-02
Affected Products: RHEL Desktop Multi OS (v. 5 client)
RHEL Virtualization (v. 5 server)
RHEL Virtualization EUS (v. 5.6.z server)
RHEL Virtualization Long Life (v. 5.6 server)
CVEs (cve.mitre.org): CVE-2011-1486

Details

Updated libvirt packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remotely managing virtualized systems.

A flaw was found in the way libvirtd handled error reporting for concurrent
connections. A remote attacker able to establish read-only connections to
libvirtd on a server could use this flaw to crash libvirtd. (CVE-2011-1486)

All libvirt users are advised to upgrade to these updated packages, which
contain backported patches to resolve this issue. After installing the
updated packages, libvirtd must be restarted ("service libvirtd restart")
for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Desktop Multi OS (v. 5 client)

SRPMS:
libvirt-0.8.2-15.el5_6.4.src.rpm
File outdated by:  RHBA-2011:1411
    MD5: 6c04bbd892859c6c570382f0077ea42c
SHA-256: b9b33f8c4c75309a9ef150dc219478c4f4c4f1045d3d503b22c2b09140b88ba3
 
IA-32:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-python-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: 22b1998d4191870d67e45c0ad8cefc09
SHA-256: 3c46b250fc42d0fa9b47f88cbde60873bc59bfb02a402313cd2bee5b1c5e48a5
 
x86_64:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2013:0575
    MD5: a327a4066abeb513c5b45efd797638b1
SHA-256: bde486205d83da8da3a32e7b44d8d234a94a1aa4c2665eea94174702f077fad3
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-devel-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2013:0575
    MD5: 164eaf1c70cd2cd79919866e3b623158
SHA-256: 5dfdf964891ae3149c293317b6c08b255ed80b80001a71d4bb6ef9e79ca46131
libvirt-python-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2013:0575
    MD5: 09f3a97e1a8fcf5fc13143dbac7f784f
SHA-256: 97f1f37002379842e96791b0cb42c39f451dd83a1da16015a59c5a0b0e34d429
 
RHEL Virtualization (v. 5 server)

SRPMS:
libvirt-0.8.2-15.el5_6.4.src.rpm
File outdated by:  RHBA-2011:1411
    MD5: 6c04bbd892859c6c570382f0077ea42c
SHA-256: b9b33f8c4c75309a9ef150dc219478c4f4c4f1045d3d503b22c2b09140b88ba3
 
IA-32:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-python-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: 22b1998d4191870d67e45c0ad8cefc09
SHA-256: 3c46b250fc42d0fa9b47f88cbde60873bc59bfb02a402313cd2bee5b1c5e48a5
 
IA-64:
libvirt-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2013:0575
    MD5: fe93a331ab872e958e441d1d2c573e54
SHA-256: 1a30ee9c1152083ff318d2997b1a2b3d74da974d482493e11d08f9716b82b217
libvirt-devel-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2013:0575
    MD5: abdaa9c8c5ccf7e2598d69e4884fafb7
SHA-256: 5ed3f943ad6794d049519f2d27b8bcdcb70d1286393992605ea4cf65f3ea701f
libvirt-python-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2013:0575
    MD5: 81e4b275324678af63e8ebee5b6efca8
SHA-256: 4c52282fb8b85b781d97513eff5617b3715f3ef86b0ebc566abb2f18d8681026
 
x86_64:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2013:0575
    MD5: a327a4066abeb513c5b45efd797638b1
SHA-256: bde486205d83da8da3a32e7b44d8d234a94a1aa4c2665eea94174702f077fad3
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2013:0575
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-devel-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2013:0575
    MD5: 164eaf1c70cd2cd79919866e3b623158
SHA-256: 5dfdf964891ae3149c293317b6c08b255ed80b80001a71d4bb6ef9e79ca46131
libvirt-python-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2013:0575
    MD5: 09f3a97e1a8fcf5fc13143dbac7f784f
SHA-256: 97f1f37002379842e96791b0cb42c39f451dd83a1da16015a59c5a0b0e34d429
 
RHEL Virtualization EUS (v. 5.6.z server)

SRPMS:
libvirt-0.8.2-15.el5_6.4.src.rpm
File outdated by:  RHBA-2011:1411
    MD5: 6c04bbd892859c6c570382f0077ea42c
SHA-256: b9b33f8c4c75309a9ef150dc219478c4f4c4f1045d3d503b22c2b09140b88ba3
 
IA-32:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-python-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: 22b1998d4191870d67e45c0ad8cefc09
SHA-256: 3c46b250fc42d0fa9b47f88cbde60873bc59bfb02a402313cd2bee5b1c5e48a5
 
IA-64:
libvirt-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2011:1411
    MD5: fe93a331ab872e958e441d1d2c573e54
SHA-256: 1a30ee9c1152083ff318d2997b1a2b3d74da974d482493e11d08f9716b82b217
libvirt-devel-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2011:1411
    MD5: abdaa9c8c5ccf7e2598d69e4884fafb7
SHA-256: 5ed3f943ad6794d049519f2d27b8bcdcb70d1286393992605ea4cf65f3ea701f
libvirt-python-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2011:1411
    MD5: 81e4b275324678af63e8ebee5b6efca8
SHA-256: 4c52282fb8b85b781d97513eff5617b3715f3ef86b0ebc566abb2f18d8681026
 
x86_64:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2011:1411
    MD5: a327a4066abeb513c5b45efd797638b1
SHA-256: bde486205d83da8da3a32e7b44d8d234a94a1aa4c2665eea94174702f077fad3
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-devel-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2011:1411
    MD5: 164eaf1c70cd2cd79919866e3b623158
SHA-256: 5dfdf964891ae3149c293317b6c08b255ed80b80001a71d4bb6ef9e79ca46131
libvirt-python-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2011:1411
    MD5: 09f3a97e1a8fcf5fc13143dbac7f784f
SHA-256: 97f1f37002379842e96791b0cb42c39f451dd83a1da16015a59c5a0b0e34d429
 
RHEL Virtualization Long Life (v. 5.6 server)

SRPMS:
libvirt-0.8.2-15.el5_6.4.src.rpm
File outdated by:  RHBA-2011:1411
    MD5: 6c04bbd892859c6c570382f0077ea42c
SHA-256: b9b33f8c4c75309a9ef150dc219478c4f4c4f1045d3d503b22c2b09140b88ba3
 
IA-32:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-python-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: 22b1998d4191870d67e45c0ad8cefc09
SHA-256: 3c46b250fc42d0fa9b47f88cbde60873bc59bfb02a402313cd2bee5b1c5e48a5
 
IA-64:
libvirt-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2011:1411
    MD5: fe93a331ab872e958e441d1d2c573e54
SHA-256: 1a30ee9c1152083ff318d2997b1a2b3d74da974d482493e11d08f9716b82b217
libvirt-devel-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2011:1411
    MD5: abdaa9c8c5ccf7e2598d69e4884fafb7
SHA-256: 5ed3f943ad6794d049519f2d27b8bcdcb70d1286393992605ea4cf65f3ea701f
libvirt-python-0.8.2-15.el5_6.4.ia64.rpm
File outdated by:  RHBA-2011:1411
    MD5: 81e4b275324678af63e8ebee5b6efca8
SHA-256: 4c52282fb8b85b781d97513eff5617b3715f3ef86b0ebc566abb2f18d8681026
 
x86_64:
libvirt-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: 13cfe763919593b4111c066fe640fbda
SHA-256: faf5c474785d2fbae2608026ec0637cc3f02aae605f13a99d4e5bc1b23e83532
libvirt-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2011:1411
    MD5: a327a4066abeb513c5b45efd797638b1
SHA-256: bde486205d83da8da3a32e7b44d8d234a94a1aa4c2665eea94174702f077fad3
libvirt-devel-0.8.2-15.el5_6.4.i386.rpm
File outdated by:  RHBA-2011:1411
    MD5: b13cee70e3ed0db6882b5273126b9084
SHA-256: 9ebdfbf3a26894e87dd8d28e522494c60b28a3ad488fa2c3f07bd333f48052f3
libvirt-devel-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2011:1411
    MD5: 164eaf1c70cd2cd79919866e3b623158
SHA-256: 5dfdf964891ae3149c293317b6c08b255ed80b80001a71d4bb6ef9e79ca46131
libvirt-python-0.8.2-15.el5_6.4.x86_64.rpm
File outdated by:  RHBA-2011:1411
    MD5: 09f3a97e1a8fcf5fc13143dbac7f784f
SHA-256: 97f1f37002379842e96791b0cb42c39f451dd83a1da16015a59c5a0b0e34d429
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

693391 - CVE-2011-1486 libvirt: error reporting in libvirtd is not thread safe


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/