Red Hat Product Errata RHSA-2011:0479 - Security Advisory

Issued:: 2011-05-02
Updated:: 2011-05-02

RHSA-2011:0479 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: libvirt security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

Updated libvirt packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remotely managing virtualized systems.

A flaw was found in the way libvirtd handled error reporting for concurrent
connections. A remote attacker able to establish read-only connections to
libvirtd on a server could use this flaw to crash libvirtd. (CVE-2011-1486)

This update also fixes the following bug:

Previously, running qemu under a different UID prevented it from
accessing files with mode 0660 permissions that were owned by a different
user, but by a group that qemu was a member of. (BZ#668692)

All libvirt users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues. After installing the
updated packages, libvirtd must be restarted ("service libvirtd restart")
for this update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux for IBM z Systems 6 s390x
Red Hat Enterprise Linux for Power, big endian 6 ppc64
Red Hat Enterprise Linux for Scientific Computing 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 i386

Fixes

BZ - 668692 - qemu process is spawned with no supplementary groups
BZ - 693391 - CVE-2011-1486 libvirt: error reporting in libvirtd is not thread safe

CVEs

CVE-2011-1486

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
x86_64
libvirt-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 95b60bf08290a828d5a77e0ee22c60e318365e6303863481c9f868d8c3ac9123
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-client-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: ac9380d242157500f6a410a7921e66566be1571e7c3432224ca1254f9141cddf
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-devel-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: c1a869c68831e1acd97a1fb28bbd8097a35f9face41c59d0b2001f90bb085ff1
libvirt-python-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 6141047049e8a3f8a2f43a38066ba402e749a96ddc4d3a388c82505c3671a15b
i386
libvirt-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 4d0e889db9c4b265050a7fa1b0fc76b382534900346deffda816a2d9ea821888
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-python-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 110edfc1b8d239e3bc6d1ac10bf374456057df7d4cadbd380ef2f1a7ebc7a608

Red Hat Enterprise Linux Workstation 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
x86_64
libvirt-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 95b60bf08290a828d5a77e0ee22c60e318365e6303863481c9f868d8c3ac9123
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-client-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: ac9380d242157500f6a410a7921e66566be1571e7c3432224ca1254f9141cddf
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-devel-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: c1a869c68831e1acd97a1fb28bbd8097a35f9face41c59d0b2001f90bb085ff1
libvirt-python-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 6141047049e8a3f8a2f43a38066ba402e749a96ddc4d3a388c82505c3671a15b
i386
libvirt-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 4d0e889db9c4b265050a7fa1b0fc76b382534900346deffda816a2d9ea821888
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-python-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 110edfc1b8d239e3bc6d1ac10bf374456057df7d4cadbd380ef2f1a7ebc7a608

Red Hat Enterprise Linux Desktop 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
x86_64
libvirt-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 95b60bf08290a828d5a77e0ee22c60e318365e6303863481c9f868d8c3ac9123
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-client-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: ac9380d242157500f6a410a7921e66566be1571e7c3432224ca1254f9141cddf
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-devel-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: c1a869c68831e1acd97a1fb28bbd8097a35f9face41c59d0b2001f90bb085ff1
libvirt-python-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 6141047049e8a3f8a2f43a38066ba402e749a96ddc4d3a388c82505c3671a15b
i386
libvirt-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 4d0e889db9c4b265050a7fa1b0fc76b382534900346deffda816a2d9ea821888
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-python-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 110edfc1b8d239e3bc6d1ac10bf374456057df7d4cadbd380ef2f1a7ebc7a608

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
s390x
libvirt-0.8.1-27.el6_0.6.s390x.rpm	SHA-256: c507c1e188ca451459f5b0b721caddaca0411c258357f3b99fbf8e56c1e2592a
libvirt-client-0.8.1-27.el6_0.6.s390.rpm	SHA-256: 482022d25f7b0cdbb65d7840ff9a40f1281347e0ace59a692aaf59367baa5f4d
libvirt-client-0.8.1-27.el6_0.6.s390x.rpm	SHA-256: a0be754ee773f44a475be382e29b0c86d725ab86b1e1dd55ed824037a0bbb41d
libvirt-debuginfo-0.8.1-27.el6_0.6.s390.rpm	SHA-256: f91f4a551b7c5a2ee43e0534afb2695cc93490a9d167a5580d2a90db0fdf59fe
libvirt-debuginfo-0.8.1-27.el6_0.6.s390x.rpm	SHA-256: 6053083f489394e6464d047d5f476e127afde31270905a0eaf6cbe204ae48bca
libvirt-devel-0.8.1-27.el6_0.6.s390.rpm	SHA-256: b2e573011670b29bf8badef6d09a78644873e272e849052a72fb2c1ae6ef7c8b
libvirt-devel-0.8.1-27.el6_0.6.s390x.rpm	SHA-256: ad488a36e7ee6391ed5ec4df2dc05f4543584a4813e92beb0834b93b8736e50f
libvirt-python-0.8.1-27.el6_0.6.s390x.rpm	SHA-256: dfd37a7aba7748cbfeffd32d8b90a07fa9a32ec329c424414b96f9166f6680ba

Red Hat Enterprise Linux for Power, big endian 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
ppc64
libvirt-0.8.1-27.el6_0.6.ppc64.rpm	SHA-256: 7357474be659d13fba79258efe8c83459c042419d709b50417000bcad9341b56
libvirt-client-0.8.1-27.el6_0.6.ppc.rpm	SHA-256: a03464cf2c3eeb6b892f80ddc1f5eb165a4ca90b9c1b8645de3a61e7df39a379
libvirt-client-0.8.1-27.el6_0.6.ppc64.rpm	SHA-256: 17f42bbefdc20c6105c6365c4368cdc9e1f2c7545afdaedf75acfe2aefb025fb
libvirt-debuginfo-0.8.1-27.el6_0.6.ppc.rpm	SHA-256: 94d1bbbc2e80d15c0c5315a5431016b1dc80ece29d74724f4a7ba43c5a595074
libvirt-debuginfo-0.8.1-27.el6_0.6.ppc64.rpm	SHA-256: 39631ea2970dcd0db3bb9562e67e988d843f2c4c6defd807e3371e1cb4ef74c8
libvirt-devel-0.8.1-27.el6_0.6.ppc.rpm	SHA-256: d747c1cea194898eaa9cf87d428b9788c0acd5840738a3ed2cdf744b7df328cf
libvirt-devel-0.8.1-27.el6_0.6.ppc64.rpm	SHA-256: c75bc552c841db20ccac3e6311b891abf19011e686c2298df4fb3551b0743c8f
libvirt-python-0.8.1-27.el6_0.6.ppc64.rpm	SHA-256: d68e25ef0a4aaa12d6d380e9b32ae35a54c3e1873f327365044114340966821f

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
x86_64
libvirt-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 95b60bf08290a828d5a77e0ee22c60e318365e6303863481c9f868d8c3ac9123
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-client-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: ac9380d242157500f6a410a7921e66566be1571e7c3432224ca1254f9141cddf
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-devel-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: c1a869c68831e1acd97a1fb28bbd8097a35f9face41c59d0b2001f90bb085ff1
libvirt-python-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 6141047049e8a3f8a2f43a38066ba402e749a96ddc4d3a388c82505c3671a15b

Red Hat Enterprise Linux Server from RHUI 6

SRPM
libvirt-0.8.1-27.el6_0.6.src.rpm	SHA-256: fbe878db0f5d157669574492083b9fced1121a74c90172269765ef67db223e8f
x86_64
libvirt-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 95b60bf08290a828d5a77e0ee22c60e318365e6303863481c9f868d8c3ac9123
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-client-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: ac9380d242157500f6a410a7921e66566be1571e7c3432224ca1254f9141cddf
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-debuginfo-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: d05a0291ea02eb4ec462a57160145b03ac6419822598b4b2eb64a6306e682c99
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-devel-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: c1a869c68831e1acd97a1fb28bbd8097a35f9face41c59d0b2001f90bb085ff1
libvirt-python-0.8.1-27.el6_0.6.x86_64.rpm	SHA-256: 6141047049e8a3f8a2f43a38066ba402e749a96ddc4d3a388c82505c3671a15b
i386
libvirt-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 4d0e889db9c4b265050a7fa1b0fc76b382534900346deffda816a2d9ea821888
libvirt-client-0.8.1-27.el6_0.6.i686.rpm	SHA-256: b0f853679fce5f5392664348e25d46dfe55fb8494ffb99dccf4970d5d91d6f92
libvirt-debuginfo-0.8.1-27.el6_0.6.i686.rpm	SHA-256: cda2bd55f3f1419bbe7fa5cc6238a2f2f89d0e0216f3e6fe3fcf4ef601cc42e1
libvirt-devel-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 5df4f9e982bf014edfadd686f90ff84f181385a886a93ec9f9c915beaf354f32
libvirt-python-0.8.1-27.el6_0.6.i686.rpm	SHA-256: 110edfc1b8d239e3bc6d1ac10bf374456057df7d4cadbd380ef2f1a7ebc7a608

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories