El-errata: ELSA-2020-5961 Important: Oracle Linux 7 libvirt security update (aarch64)
Oracle Linux Security Advisory ELSA-2020-5961
http://linux.oracle.com/errata/ELSA-2020-5961.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libvirt-5.7.0-21.el7.aarch64.rpm
libvirt-bash-completion-5.7.0-21.el7.aarch64.rpm
libvirt-client-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-config-network-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-config-nwfilter-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-interface-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-lxc-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-network-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-nodedev-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-nwfilter-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-qemu-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-secret-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-core-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-disk-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-gluster-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-logical-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-mpath-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-rbd-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-driver-storage-scsi-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-kvm-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-qemu-5.7.0-21.el7.aarch64.rpm
libvirt-devel-5.7.0-21.el7.aarch64.rpm
libvirt-docs-5.7.0-21.el7.aarch64.rpm
libvirt-libs-5.7.0-21.el7.aarch64.rpm
libvirt-admin-5.7.0-21.el7.aarch64.rpm
libvirt-daemon-lxc-5.7.0-21.el7.aarch64.rpm
libvirt-lock-sanlock-5.7.0-21.el7.aarch64.rpm
libvirt-login-shell-5.7.0-21.el7.aarch64.rpm
libvirt-nss-5.7.0-21.el7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-5.7.0-21.el7.src.rpm
Description of changes:
[5.7.0-21.el7]
- exadata: Fix the validation when defining domain groups (Wim ten Have)
[Orabug: 32085856]
- Revert "qemu: don't take agent and monitor job for shutdown" (Menno
Lageman) [Orabug: 32080283]
- Revert "qemu: don't hold a monitor and agent job for reboot" (Menno
Lageman) [Orabug: 32080283]
- Revert "qemu: don't hold monitor and agent job when setting time"
(Menno Lageman) [Orabug: 32080283]
- Revert "qemu: remove use of qemuDomainObjBeginJobWithAgent()" (Menno
Lageman) [Orabug: 32080283]
- qemu: improve error message when guest vcpu count exceeds domain group
limit (Menno Lageman) [Orabug: 31985111]
- qemu: Autonomous hugepage acquisition for 2-MiB and 1-GiB guest
memoryBacking. (Wim ten Have) - qemu: Fix a qemuMemReleaseHostHugepages
state error (Wim ten Have) [Orabug: 32069203]
- qemu: avoid guest CPU process handling if exadataConfig is disabled
(Wim ten Have) [Orabug: 32053696]
- domain_conf: Relax SCSI addr used check (Michal Prívozník) [Orabug:
31386162]
- domain_conf: Make virDomainDeviceFindSCSIController accept
virDomainDeviceDriveAddress struct (Michal Prívozník) [Orabug: 31386162]
[5.7.0-20.el7]
- qemu: remove use of qemuDomainObjBeginJobWithAgent() (Jonathon
Jongsma) [Orabug: 31990187] {CVE-2019-20485}
- qemu: don't hold monitor and agent job when setting time (Jonathon
Jongsma) [Orabug: 31990187] {CVE-2019-20485}
- qemu: don't hold a monitor and agent job for reboot (Jonathon Jongsma)
[Orabug: 31990187] {CVE-2019-20485}
- qemu: don't take agent and monitor job for shutdown (Jonathon Jongsma)
[Orabug: 31990187] {CVE-2019-20485}
- qemu: agent: set ifname to NULL after freeing (Ján Tomko) [Orabug:
31964426] {CVE-2020-25637}
- rpc: require write acl for guest agent in virDomainInterfaceAddresses
(Ján Tomko) [Orabug: 31964426] {CVE-2020-25637}
- rpc: add support for filtering @acls by uint params (Ján Tomko)
[Orabug: 31964426] {CVE-2020-25637}
- rpc: gendispatch: handle empty flags (Ján Tomko) [Orabug: 31964426]
{CVE-2020-25637}
- qemu: blockcopy: Fix conditions when virStorageSource should be
initialized (Peter Krempa) [Orabug: 31517934]
- qemu: blockcopy: Report error on image format detection failure (Peter
Krempa) [Orabug: 31517934]
A libvirt security update (aarch64) has been released for Oracle Linux 7.