exploitDog

SUSE-SU-2017:2660-1

Опубликовано: 09 окт. 2017

Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes several issues.

This security issue was fixed:

bsc#1053600: Escape ssh commed line to prevent interpreting malicious hostname as arguments, allowing for command execution

These non-security issues were fixed:

bsc#1025340: Use xend for nodeGetFreeMemory API
bsc#1026236: Add support for tsc timers on xen

Список пакетов

SUSE Linux Enterprise Server 11 SP4

libvirt-1.2.5-23.3.1

libvirt-client-1.2.5-23.3.1

libvirt-client-32bit-1.2.5-23.3.1

libvirt-doc-1.2.5-23.3.1

libvirt-lock-sanlock-1.2.5-23.3.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

libvirt-1.2.5-23.3.1

libvirt-client-1.2.5-23.3.1

libvirt-client-32bit-1.2.5-23.3.1

libvirt-doc-1.2.5-23.3.1

libvirt-lock-sanlock-1.2.5-23.3.1

SUSE Linux Enterprise Software Development Kit 11 SP4

libvirt-devel-1.2.5-23.3.1

libvirt-devel-32bit-1.2.5-23.3.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20172660-1/
Link for SUSE-SU-2017:2660-1
https://lists.suse.com/pipermail/sle-security-updates/2017-October/003278.html
E-Mail link for SUSE-SU-2017:2660-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1025340
SUSE Bug 1025340
https://bugzilla.suse.com/1026236
SUSE Bug 1026236
https://bugzilla.suse.com/1053600
SUSE Bug 1053600