8.89. libguestfs

Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE link(s) associated with each description below.
Libguestfs is a library and set of tools for accessing and modifying guest disk images.

Upgrade to an upstream version

The libguestfs package has been upgraded to upstream version 1.20.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#958183)

Security Fix

It was found that guestfish, which enables shell scripting and command line access to libguestfs, insecurely created the temporary directory used to store the network socket when started in server mode. A local attacker could use this flaw to intercept and modify other users' guestfish commands, allowing them to perform arbitrary guestfish actions with the privileges of a different user, or use this flaw to obtain authentication credentials.
This issue was discovered by Michael Scherer of the Red Hat Regional IT team.
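
The kind of check this class of flaw calls for, as an added example (not code from libguestfs or from this advisory): a directory that will hold a per-user socket is accepted only if it is a real directory, owned by the caller, with mode 0700. The names make_private_sockdir and demo_case and the /tmp/sockdir-demo-* paths are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not libguestfs source): create or reuse a private
 * directory for a UNIX socket. Returns 0 only if `path` is a real directory,
 * owned by the caller, with mode exactly 0700; -1 otherwise. */
int make_private_sockdir(const char *path)
{
    struct stat st;

    /* Request 0700 at creation; EEXIST is tolerated and validated below. */
    if (mkdir(path, 0700) == -1 && errno != EEXIST)
        return -1;
    /* lstat, not stat: a symlink planted at `path` must not be followed. */
    if (lstat(path, &st) == -1)
        return -1;
    if (!S_ISDIR(st.st_mode))           /* symlink, file, FIFO ... */
        return -1;
    if (st.st_uid != geteuid())         /* pre-created by another user */
        return -1;
    if ((st.st_mode & 0777) != 0700)    /* group/other can reach the socket */
        return -1;
    return 0;
}

/* Constructed scenarios inside a fresh mkdtemp() directory:
 * 0 = path absent, 1 = pre-existing 0755 directory, 2 = symlink to a directory. */
int demo_case(int scenario)
{
    char base[] = "/tmp/sockdir-demo-XXXXXX";
    char path[64], target[64];
    int rc;

    if (mkdtemp(base) == NULL)
        return -2;
    snprintf(path, sizeof path, "%s/sock", base);
    snprintf(target, sizeof target, "%s/real", base);
    if (scenario == 1 && (mkdir(path, 0755) || chmod(path, 0755)))
        return -2;
    if (scenario == 2 && (mkdir(target, 0700) || symlink(target, path)))
        return -2;
    rc = make_private_sockdir(path);
    unlink(path); rmdir(path); rmdir(target); rmdir(base);  /* clean up */
    return rc;
}
```

A caller that gets -1 should refuse to bind or connect rather than fall back to the existing directory.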

Bug Fixes

Previously, when the guestmount utility failed to create a hard link, an incorrect error message was returned. Consequently, information about the true cause of the error was not displayed. With this update, the error handling in guestmount has been fixed and correct messages are now displayed in the described case.
When attempting to rename a symbolic link with the guestmount utility, guestmount followed the link instead of overwriting it. With this update, a guestfs_rename API has been added, which allows guestmount to rename target files correctly.
Downloading a directory using the guestfs_download API or the guestfish download command is not allowed. However, libguestfs did not return an error in such a case and lost protocol synchronization instead. With this update, libguestfs now tests if the download source is a directory and returns an error message if it is.
Under certain circumstances, long-running libguestfs API calls, which generated progress messages, caused libguestfs to terminate unexpectedly due to a stack overflow. The underlying source code has been modified to handle this case and the stack overflow no longer occurs.
Prior to this update, the libguestfs inspection did not detect a Microsoft Windows guest that used a non-standard systemroot path. With this update, libguestfs has been modified to use the contents of the Windows boot.ini file to find the systemroot path. As a result, Windows guests are detected properly even if they use non-standard systemroot paths.
Previously, libguestfs did not resize a Microsoft Windows NTFS file system when the target size was not explicitly specified. With this update, libguestfs has been modified to establish this size automatically from the target storage device. As a result, NTFS file systems can now be resized even without specifying the target size.
The virt-resize utility fails on Windows guests that are in an inconsistent state. This update adds the description of this problem to the guestfs(3) man page.
If the iface parameter was used when adding a drive, libguestfs entered an infinite loop. With this update, libguestfs has been fixed to process iface parameters correctly, thus preventing the hang.
Calling the guestfs_filesystem_available(g,"xfs") function could be evaluated as true even if certain XFS functions were not available. This problem has been documented in the guestfs(3) man page.
Prior to this update, the hivex-commit command with a relative path parameter wrote to a location inaccessible to users. This command has been modified to require an absolute path or a NULL path that overwrites the original. An error message is now displayed if a relative path is passed to hivex-commit.
The syntax for setting Access Control Lists (ACLs) with libguestfs is now documented in the guestfs(3) man page.
When libguestfs was used to read the capabilities of a file that had no capabilities set, libguestfs returned an error. The guestfs_cap_get_file() function that is responsible for retrieving the file capabilities has been modified to return an empty string in the described case.
Under certain circumstances, using the guestfish command with both --remote and --add options can have unexpected results. This behavior has been documented in the guestfish(1) man page.
Previously, when using the guestfish --remote command, the following message was displayed:
libguestfs: error: waitpid (qemu): No child processes
With this update, this unnecessary message is no longer displayed.
Previously, when the libguestfs package was used on systems under heavy load, messages about "unstable clocks" appeared in the debugging output. With this update, libguestfs has been modified to check if the kvmclock kernel feature is enabled, thus reducing the aforementioned message output.
Prior to this update, using the guestfs_sh or sh command before mounting a disk caused the guestfish utility to terminate with a segmentation fault. With this update, guestfish has been modified to verify if a file system is mounted before executing these commands, and if not, an error message is displayed. As a result, guestfish no longer crashes in the aforementioned scenario.
Users of libguestfs are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.