Описание
Security update for libvirt
This update for libvirt fixes the following issues:
-
Update to libvirt 1.2.18.4 stable release
- Inherit many upstream bug fixes, including CVE-2016-5008 boo#987527. For details, see http://wiki.libvirt.org/page/Maintenance_Releases
-
virsh: improve waiting for block job readines (boo#989755)
Список пакетов
openSUSE Leap 42.1
libvirt-1.2.18.4-14.2
libvirt-client-1.2.18.4-14.2
libvirt-client-32bit-1.2.18.4-14.2
libvirt-daemon-1.2.18.4-14.2
libvirt-daemon-config-network-1.2.18.4-14.2
libvirt-daemon-config-nwfilter-1.2.18.4-14.2
libvirt-daemon-driver-interface-1.2.18.4-14.2
libvirt-daemon-driver-libxl-1.2.18.4-14.2
libvirt-daemon-driver-lxc-1.2.18.4-14.2
libvirt-daemon-driver-network-1.2.18.4-14.2
libvirt-daemon-driver-nodedev-1.2.18.4-14.2
libvirt-daemon-driver-nwfilter-1.2.18.4-14.2
libvirt-daemon-driver-qemu-1.2.18.4-14.2
libvirt-daemon-driver-secret-1.2.18.4-14.2
libvirt-daemon-driver-storage-1.2.18.4-14.2
libvirt-daemon-driver-uml-1.2.18.4-14.2
libvirt-daemon-driver-vbox-1.2.18.4-14.2
libvirt-daemon-lxc-1.2.18.4-14.2
libvirt-daemon-qemu-1.2.18.4-14.2
libvirt-daemon-uml-1.2.18.4-14.2
libvirt-daemon-vbox-1.2.18.4-14.2
libvirt-daemon-xen-1.2.18.4-14.2
libvirt-devel-1.2.18.4-14.2
libvirt-devel-32bit-1.2.18.4-14.2
libvirt-doc-1.2.18.4-14.2
libvirt-lock-sanlock-1.2.18.4-14.2
libvirt-login-shell-1.2.18.4-14.2
Ссылки
- E-Mail link for openSUSE-SU-2016:1975-1
- SUSE Security Ratings
Описание
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
Затронутые продукты
openSUSE Leap 42.1:libvirt-1.2.18.4-14.2
openSUSE Leap 42.1:libvirt-client-1.2.18.4-14.2
openSUSE Leap 42.1:libvirt-client-32bit-1.2.18.4-14.2
openSUSE Leap 42.1:libvirt-daemon-1.2.18.4-14.2
Ссылки
- CVE-2016-5008
- SUSE Bug 987527