RHBA-2014:0863 - Bug Fix Advisory

Topic

Updated rhevm packages that fix various bugs are now available.

Description

The Red Hat Enterprise Virtualization Manager is a centralized management
platform that allows system administrators to view and manage virtual machines.
The Manager provides a comprehensive range of features including search
capabilities, resource management, live migrations, and virtual infrastructure
provisioning.

The Manager is a JBoss Application Server application that provides several
interfaces through which the virtual environment can be accessed and interacted
with, including an Administration Portal, a User Portal, and a Representational
State Transfer (REST) Application Programming Interface (API).

Changes to the ovirt-engine-backend component:

• Previously, when maintenance mode was requested on a host with running virtual

machines, there was a 10 minute delay on starting live migration of the running
VMs. This happened because two 'MaintenanceNumberOfVdssCommand's were issued
and, after the second one, migrations failed due to can-do-action (VM already
being migrated); Migrations would then run as requested. Now, migrate commands
are non-transactive, and multiple VMs can be migrated from different hosts to
the same host while one of the migrations is in its execute phase. (BZ#1110146)

• A regression that caused virtual machines to remain locked after migration

fails has been fixed. (BZ#1033932)

Changes to the ovirt-engine-setup component:

• On upgrade from 3.2 to 3.3, the new 'ovirt-engine-notifier' is started and

enabled on reboot if the old 'engine-notifierd' was up before setup.
(BZ#1103044)

• Previously, automatically setting up a PostgreSQL database with engine-setup

generated weak passwords for the PostgreSQL users. Since the PostgreSQL database
is accessible remotely with a default Red Hat Enterprise Virtualization Manager
installation, this was a security issue. Now a patch has been added that creates
stronger random passwords and the length has been extended to 22 characters.
(BZ#1111277)

Changes to the ovirt-engine-userportal component:

• Previously, the Spice ActiveX plug-in for Internet Explorer 11 was not able to

be upgraded, even though a newer version of SpiceX.cab was available. As a
result, an old version of the installed ActiveX plugin was used. Now, upgrade is
possible and this is no longer an issue. (BZ#1085772)

All Red Hat Enterprise Virtualization Manager users are advised to upgrade to
these updated packages, which resolve these issues.

Solution

Before applying this update, make sure all previously-released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products

• Red Hat Virtualization 3.3 x86_64

Fixes

• BZ - 1033932 - VM stays locked, in being migrated state, even after migration failed.
• BZ - 1085772 - Upgrade of Spice ActiveX plugin on IE11.
• BZ - 1103044 - notifier daemon is not keeping startup settings after upgrade to 3.3
• BZ - 1110140 - Reduce blocking operations as part of hosts & VMs monitoring cycles
• BZ - 1111277 - rhevm-engine-setup: weak default passwords for PostgreSQL database users

CVEs

(none)

References

(none)