Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
红帽产品勘误 RHSA-2018:1524 - Security Advisory
发布:
2018-05-15
已更新:
2018-05-15

RHSA-2018:1524 - Security Advisory

  • 概述
  • 更新的软件包

概述

Important: redhat-virtualization-host bug fix and enhancement update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now available.

描述

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.

Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897.

A list of bugs fixed in this update is available in the Technical Notes book: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/html/technical_notes/

解决方案

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2974891

受影响的产品

  • Red Hat Virtualization 4 for RHEL 7 x86_64
  • Red Hat Virtualization Host 4 for RHEL 7 x86_64

修复

  • BZ - 1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot
  • BZ - 1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning
  • BZ - 1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default
  • BZ - 1422676 - [Test Only] Test Ansible playbook for registration
  • BZ - 1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version}
  • BZ - 1433394 - kdump could fill up /var filesystem while writing to /var/crash
  • BZ - 1443965 - Libvirt is disabled on RHVH host
  • BZ - 1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation
  • BZ - 1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released
  • BZ - 1489567 - Host Software tab does not show exact RHVH version anymore
  • BZ - 1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2
  • BZ - 1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest.
  • BZ - 1503148 - [RFE] translate between basic ntp configurations and chrony configurations
  • BZ - 1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete
  • BZ - 1534855 - RHVH brand is missing on cockpit login screen.
  • BZ - 1535791 - Upgrading node brings back previous hosted-engine configuration
  • BZ - 1542833 - oVirt Node upgrade fails if SELINUX is disabled
  • BZ - 1547864 - There is error report when upgrade to rhvh-4.1-20180218.0 / rhvh-4.2-20180218.0
  • BZ - 1549630 - NGN upgrade should fail if it finds a badly placed local storage domain
  • BZ - 1554186 - RHVH 4.2.2 version info is incorrect
  • BZ - 1555243 - Consume updated cockpit-storaged packages
  • BZ - 1555254 - "systemctl status lldpad.service" failed
  • BZ - 1558721 - CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
  • BZ - 1561258 - grub2-mkconfig on node produce incorrect grub2.cfg if a local VG is present
  • BZ - 1563530 - Include wrong kernel in redhat-virtualization-host-4.1-20180403.1
  • BZ - 1565497 - Imgbase check FAILED in redhat-virtualization-host-4.2-20180409.1
  • BZ - 1566837 - CVE-2018-1087 Kernel: KVM: error in exception handling leads to wrong debug stack value
  • BZ - 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS
  • BZ - 1567974 - CVE-2018-1111 dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script
  • BZ - 1571134 - RHVH 4.2.3 version info is incorrect

CVE

  • CVE-2018-1087
  • CVE-2018-1088
  • CVE-2018-1111
  • CVE-2018-8897

参考

  • https://access.redhat.com/security/updates/classification/#important
注:: 可能有这些软件包的更新版本。 点击软件包名称查看详情。

Red Hat Virtualization 4 for RHEL 7

SRPM
imgbased-1.0.16-0.1.el7ev.src.rpm SHA-256: 3dfffe90fb00be801ad293439e970f7bca003cf396631ce29d5603c9db10c739
ovirt-node-ng-4.2.0-0.20170814.0.el7.src.rpm SHA-256: 2b4f75e851c09a74da1f27352e9fa9fb329ef67e43ee181210e5249ed1c65056
redhat-release-virtualization-host-4.2-3.0.el7.src.rpm SHA-256: fd24df0cfdaf8846cc49425e2137eb8fc9be8991a903e598c573d758924aca6c
x86_64
imgbased-1.0.16-0.1.el7ev.noarch.rpm SHA-256: 3cf29aa8d80bcbc597ca4a39b65461c3c823a5dd283a511aadbfcded1acd05ac
ovirt-node-ng-nodectl-4.2.0-0.20170814.0.el7.noarch.rpm SHA-256: 55862a4ee6b50456146d9ba98e8f8054531883b2f0b1b3bd8d9bc034af2fe0f6
python-imgbased-1.0.16-0.1.el7ev.noarch.rpm SHA-256: 5d7d1d106c5140c460fb34c57d735c09f32dd2ae8e303864a0d79a62a4ee896f
redhat-release-virtualization-host-4.2-3.0.el7.x86_64.rpm SHA-256: 2ddf63c76d9fd695a19b27916e2a7efe6b96d88816ab0746fd48c035f95d7e97
redhat-virtualization-host-image-update-placeholder-4.2-3.0.el7.noarch.rpm SHA-256: 8f52f0632c90413cbbbccbe3c3fbf2dea46a12363d77500379b38ee234e24a7b

Red Hat Virtualization Host 4 for RHEL 7

SRPM
redhat-virtualization-host-4.2-20180508.0.el7_5.src.rpm SHA-256: 57ae832cd18d4254f3eb6f5af202dfa9f1607d985b7e980051c7b87a7e1ce9a5
x86_64
redhat-virtualization-host-image-update-4.2-20180508.0.el7_5.noarch.rpm SHA-256: 6053599d4843dd1f299d0f90240837bf031af2306b8eb1cbfbb7b60faa558e35

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility