Skip to navigation

Security Advisory Low: libguestfs security, bug fix, and enhancement update

Advisory: RHSA-2012:0774-4
Type: Security Advisory
Severity: Low
Issued on: 2012-06-20
Last updated on: 2012-06-20
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-2690

Details

Updated libguestfs packages that fix one security issue, several bugs, and
add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

libguestfs is a library for accessing and modifying guest disk images.

It was found that editing files with virt-edit left said files in a
world-readable state (and did not preserve the file owner or
Security-Enhanced Linux context). If an administrator on the host used
virt-edit to edit a file inside a guest, the file would be left with
world-readable permissions. This could lead to unprivileged guest users
accessing files they would otherwise be unable to. (CVE-2012-2690)

These updated libguestfs packages include numerous bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical
Notes for information on the most significant of these changes.

Users of libguestfs are advised to upgrade to these updated packages, which
fix these issues and add these enhancements.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libguestfs-1.16.19-1.el6.src.rpm
File outdated by:  RHSA-2013:1536
    MD5: aaa8f3d528fdb7b9fd57edb9cf0c9cce
SHA-256: fbeb07e850b0913708c09b002877581d82abdd7716081aac30c09945c6e0e5ff
 
x86_64:
libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 7a985764dddedc308ee43e2cd409ad36
SHA-256: 0613952dff8424f3bc3c87b6c8bb371f8ed8608cd687396f1bde0826b3f4010c
libguestfs-debuginfo-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8a6b51f69b528bb36c4200e34e3a5e68
SHA-256: 1d6c9dd939151145dfcb1c8674c6f15b9d23d0211399922980c02b082ab99d44
libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 192fb267ea53fd435c3a8bdc247cb505
SHA-256: dbdeb0f2a6dc18d60524b1c308b358b3eb88ff8f3a55ab04fa4b32276ed204cf
libguestfs-java-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e38afc9dfbbfc530be533cf7376b9b34
SHA-256: bde37b805090b50773e773b76209fe7a62b0a8ab07c21265e2cfc4bf28c1961e
libguestfs-java-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: f932b5b6252aae343dd4e48b96fc2179
SHA-256: 9e1012f39d57a227f991be7b4ee0e90069cec63da8aa1a0cff2e88312ff20db3
libguestfs-javadoc-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 4aa1de5f77f517641500eca3f6794fba
SHA-256: 9848df979078dbd2dcad043499a0f49d197e1ceb69e9e44ce4120e1ccefd3f37
libguestfs-tools-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8b9442ff8a6aa9af4f8792c3fea71a55
SHA-256: e2c4d325d4636113f0780b70ebac9baeecd2c1fe170c2bc0c113b2b3e0635364
libguestfs-tools-c-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 83545a8ff7ed74f9ac1028b7b6d22132
SHA-256: e06ecb2e652af80cf2060e1412e41286857fcb939676d28c3be4b15b252144c9
ocaml-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 12e76c8a2897ba7f39e3cf9633c6bd6b
SHA-256: b0296e5ea7d6f70aa21ebc8922bd891853d0351eaa8ad2d82be0a3e0b730186f
ocaml-libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 88107e1500ef06794743ba2f0376a0dd
SHA-256: 0e7eb35e84d15d42416b1ec9edf999cac874534702f4cb5240b1c4e92e78f38e
perl-Sys-Guestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: aade0394a3d12fccd55d3d7958c0343d
SHA-256: 2e40d28451a1b29946313e9e0eda21d3c2585614f506f5d875226332eaf9a76a
python-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: d94144eb18899b835a43590e466f9bd2
SHA-256: f4119a667ece797766ec8dd98d8d791ef96110e53484f018527efdf54e484b9e
ruby-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e8f4e354fdc695929ca18971448de252
SHA-256: cc7d8062b463a1b45cfcbc2fcc752dfc90de7b02b8a238ec5d5d7d222bcac026
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libguestfs-1.16.19-1.el6.src.rpm
File outdated by:  RHSA-2013:1536
    MD5: aaa8f3d528fdb7b9fd57edb9cf0c9cce
SHA-256: fbeb07e850b0913708c09b002877581d82abdd7716081aac30c09945c6e0e5ff
 
x86_64:
libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 7a985764dddedc308ee43e2cd409ad36
SHA-256: 0613952dff8424f3bc3c87b6c8bb371f8ed8608cd687396f1bde0826b3f4010c
libguestfs-debuginfo-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8a6b51f69b528bb36c4200e34e3a5e68
SHA-256: 1d6c9dd939151145dfcb1c8674c6f15b9d23d0211399922980c02b082ab99d44
libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 192fb267ea53fd435c3a8bdc247cb505
SHA-256: dbdeb0f2a6dc18d60524b1c308b358b3eb88ff8f3a55ab04fa4b32276ed204cf
libguestfs-java-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e38afc9dfbbfc530be533cf7376b9b34
SHA-256: bde37b805090b50773e773b76209fe7a62b0a8ab07c21265e2cfc4bf28c1961e
libguestfs-java-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: f932b5b6252aae343dd4e48b96fc2179
SHA-256: 9e1012f39d57a227f991be7b4ee0e90069cec63da8aa1a0cff2e88312ff20db3
libguestfs-javadoc-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 4aa1de5f77f517641500eca3f6794fba
SHA-256: 9848df979078dbd2dcad043499a0f49d197e1ceb69e9e44ce4120e1ccefd3f37
libguestfs-tools-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8b9442ff8a6aa9af4f8792c3fea71a55
SHA-256: e2c4d325d4636113f0780b70ebac9baeecd2c1fe170c2bc0c113b2b3e0635364
libguestfs-tools-c-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 83545a8ff7ed74f9ac1028b7b6d22132
SHA-256: e06ecb2e652af80cf2060e1412e41286857fcb939676d28c3be4b15b252144c9
ocaml-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 12e76c8a2897ba7f39e3cf9633c6bd6b
SHA-256: b0296e5ea7d6f70aa21ebc8922bd891853d0351eaa8ad2d82be0a3e0b730186f
ocaml-libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 88107e1500ef06794743ba2f0376a0dd
SHA-256: 0e7eb35e84d15d42416b1ec9edf999cac874534702f4cb5240b1c4e92e78f38e
perl-Sys-Guestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: aade0394a3d12fccd55d3d7958c0343d
SHA-256: 2e40d28451a1b29946313e9e0eda21d3c2585614f506f5d875226332eaf9a76a
python-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: d94144eb18899b835a43590e466f9bd2
SHA-256: f4119a667ece797766ec8dd98d8d791ef96110e53484f018527efdf54e484b9e
ruby-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e8f4e354fdc695929ca18971448de252
SHA-256: cc7d8062b463a1b45cfcbc2fcc752dfc90de7b02b8a238ec5d5d7d222bcac026
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libguestfs-1.16.19-1.el6.src.rpm
File outdated by:  RHSA-2013:1536
    MD5: aaa8f3d528fdb7b9fd57edb9cf0c9cce
SHA-256: fbeb07e850b0913708c09b002877581d82abdd7716081aac30c09945c6e0e5ff
 
x86_64:
libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 7a985764dddedc308ee43e2cd409ad36
SHA-256: 0613952dff8424f3bc3c87b6c8bb371f8ed8608cd687396f1bde0826b3f4010c
libguestfs-debuginfo-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8a6b51f69b528bb36c4200e34e3a5e68
SHA-256: 1d6c9dd939151145dfcb1c8674c6f15b9d23d0211399922980c02b082ab99d44
libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 192fb267ea53fd435c3a8bdc247cb505
SHA-256: dbdeb0f2a6dc18d60524b1c308b358b3eb88ff8f3a55ab04fa4b32276ed204cf
libguestfs-java-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e38afc9dfbbfc530be533cf7376b9b34
SHA-256: bde37b805090b50773e773b76209fe7a62b0a8ab07c21265e2cfc4bf28c1961e
libguestfs-java-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: f932b5b6252aae343dd4e48b96fc2179
SHA-256: 9e1012f39d57a227f991be7b4ee0e90069cec63da8aa1a0cff2e88312ff20db3
libguestfs-javadoc-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 4aa1de5f77f517641500eca3f6794fba
SHA-256: 9848df979078dbd2dcad043499a0f49d197e1ceb69e9e44ce4120e1ccefd3f37
libguestfs-tools-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8b9442ff8a6aa9af4f8792c3fea71a55
SHA-256: e2c4d325d4636113f0780b70ebac9baeecd2c1fe170c2bc0c113b2b3e0635364
libguestfs-tools-c-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 83545a8ff7ed74f9ac1028b7b6d22132
SHA-256: e06ecb2e652af80cf2060e1412e41286857fcb939676d28c3be4b15b252144c9
ocaml-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 12e76c8a2897ba7f39e3cf9633c6bd6b
SHA-256: b0296e5ea7d6f70aa21ebc8922bd891853d0351eaa8ad2d82be0a3e0b730186f
ocaml-libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 88107e1500ef06794743ba2f0376a0dd
SHA-256: 0e7eb35e84d15d42416b1ec9edf999cac874534702f4cb5240b1c4e92e78f38e
perl-Sys-Guestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: aade0394a3d12fccd55d3d7958c0343d
SHA-256: 2e40d28451a1b29946313e9e0eda21d3c2585614f506f5d875226332eaf9a76a
python-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: d94144eb18899b835a43590e466f9bd2
SHA-256: f4119a667ece797766ec8dd98d8d791ef96110e53484f018527efdf54e484b9e
ruby-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e8f4e354fdc695929ca18971448de252
SHA-256: cc7d8062b463a1b45cfcbc2fcc752dfc90de7b02b8a238ec5d5d7d222bcac026
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libguestfs-1.16.19-1.el6.src.rpm
File outdated by:  RHSA-2013:1536
    MD5: aaa8f3d528fdb7b9fd57edb9cf0c9cce
SHA-256: fbeb07e850b0913708c09b002877581d82abdd7716081aac30c09945c6e0e5ff
 
x86_64:
libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 7a985764dddedc308ee43e2cd409ad36
SHA-256: 0613952dff8424f3bc3c87b6c8bb371f8ed8608cd687396f1bde0826b3f4010c
libguestfs-debuginfo-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8a6b51f69b528bb36c4200e34e3a5e68
SHA-256: 1d6c9dd939151145dfcb1c8674c6f15b9d23d0211399922980c02b082ab99d44
libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 192fb267ea53fd435c3a8bdc247cb505
SHA-256: dbdeb0f2a6dc18d60524b1c308b358b3eb88ff8f3a55ab04fa4b32276ed204cf
libguestfs-java-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e38afc9dfbbfc530be533cf7376b9b34
SHA-256: bde37b805090b50773e773b76209fe7a62b0a8ab07c21265e2cfc4bf28c1961e
libguestfs-java-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: f932b5b6252aae343dd4e48b96fc2179
SHA-256: 9e1012f39d57a227f991be7b4ee0e90069cec63da8aa1a0cff2e88312ff20db3
libguestfs-javadoc-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 4aa1de5f77f517641500eca3f6794fba
SHA-256: 9848df979078dbd2dcad043499a0f49d197e1ceb69e9e44ce4120e1ccefd3f37
libguestfs-tools-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 8b9442ff8a6aa9af4f8792c3fea71a55
SHA-256: e2c4d325d4636113f0780b70ebac9baeecd2c1fe170c2bc0c113b2b3e0635364
libguestfs-tools-c-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 83545a8ff7ed74f9ac1028b7b6d22132
SHA-256: e06ecb2e652af80cf2060e1412e41286857fcb939676d28c3be4b15b252144c9
ocaml-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 12e76c8a2897ba7f39e3cf9633c6bd6b
SHA-256: b0296e5ea7d6f70aa21ebc8922bd891853d0351eaa8ad2d82be0a3e0b730186f
ocaml-libguestfs-devel-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: 88107e1500ef06794743ba2f0376a0dd
SHA-256: 0e7eb35e84d15d42416b1ec9edf999cac874534702f4cb5240b1c4e92e78f38e
perl-Sys-Guestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: aade0394a3d12fccd55d3d7958c0343d
SHA-256: 2e40d28451a1b29946313e9e0eda21d3c2585614f506f5d875226332eaf9a76a
python-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: d94144eb18899b835a43590e466f9bd2
SHA-256: f4119a667ece797766ec8dd98d8d791ef96110e53484f018527efdf54e484b9e
ruby-libguestfs-1.16.19-1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1536
    MD5: e8f4e354fdc695929ca18971448de252
SHA-256: cc7d8062b463a1b45cfcbc2fcc752dfc90de7b02b8a238ec5d5d7d222bcac026
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

647174 - RHEL6: virt-clone should remove old udev rules when changing MAC address
679737 - libguestfs: improve error message when zerofree is not available in the appliance
719879 - Rebase libguestfs in RHEL 6.3
729076 - libguestfs confuses Hp_recovery partition with Windows root filesystem
731742 - libguestfs should escape special/non-printing characters in debug output
741183 - [RFE] Write a tool to align the partition(s) in a Windows XP image to a multiple of 8 sectors
760221 - RFE: Support inspection of cciss devices
769359 - virt-resize on RHEL 6 kernel fails to re-read the partition table
785305 - ocaml (bytecode) bindings segfault in 'add_drive_opts'
785668 - aug-defnode: daemon crash
789960 - guestfsd crash when try to mount non-exist disk
790958 - multiprovider build error: RuntimeError: link: /tmp/.guestfs-0/kernel /tmp/.guestfs-0/kernel.10139: File exists
795322 - add_ro should return error if not running in a config state
796520 - [RFE] Prevent user from running some appliance configure commands after appliance boot up
797760 - virt-resize on Windows XP in sysprep state causes "UNMOUNTABLE_BOOT_VOLUME" BSOD
798197 - virt-resize confuses format and output_format variables; using --output-format sets the input format
798980 - Libguestfs live support should be disabled in RHEL 6 packages
799695 - guestfs.h fails to compile with c++ compiler
799798 - set_autosync: this function can only be called in the config state at /usr/share/perl5/vendor_perl/Sys/VirtConvert/GuestfsHandle.pm line 107
801273 - Document for set-pgroup need to be updated
801788 - libguestfs holds open file descriptors when handle is launched
803699 - libguestfs inspection fails on Windows XP: libguestfs: error: hivex: could not locate HKLM\SYSTEM\MountedDevices
807557 - virt-sysprep: wrong params are passed to virt-inspector
807905 - mkfs blocksize option breaks when creating btrfs
809401 - inspection doesn't recognize Fedora 17+ (because of grub2 and UsrMove)
811112 - [RFE][virt-sysprep] hostname can not be changed on rhel system
811117 - [RFE][virt-sysprep] net-hwaddr not removed from "ifcfg-*" files on rhel
811673 - guestfs_last_error not set when qemu fails early during launch
812092 - libguestfs cannot open disk images which are symlinks to files that contain ':' (colon) character
813329 - virt-p2v can not convert physical host on MD device
831117 - CVE-2012-2690 libguestfs: virt-edit creates a new file, when it is used leading to loss of file attributes (permissions, owner, SELinux context etc.)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/