RHEA-2017:1188 - Product Enhancement Advisory
Product Enhancement Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
An updated rhev-hypervisor package is now available.
The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.
- An out-of-bounds write flaw was found in the way NSS performed certain
Base64-decoding operations. An attacker could use this flaw to create a
specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
- Red Hat Virtualization 7 x86_64
- Red Hat Virtualization 6 x86_64
- BZ - 1445035 - rebase rhev-h 3.6.10
Red Hat Virtualization 7
Red Hat Virtualization 6