UbuntuUpdates.org

Package "libvirt-daemon-system"

Name: libvirt-daemon-system

Description:

Libvirt daemon configuration files

Latest version: 4.0.0-1ubuntu8.10
Release: bionic (18.04)
Level: security
Repository: main
Head package: libvirt
Homepage: http://libvirt.org

Links

Save this URL for the latest version of "libvirt-daemon-system": https://www.ubuntuupdates.org/libvirt-daemon-system


Download "libvirt-daemon-system"


Other versions of "libvirt-daemon-system" in Bionic

Repository Area Version
base main 4.0.0-1ubuntu8
updates main 4.0.0-1ubuntu8.10

Changelog

Version: 4.0.0-1ubuntu8.10 2019-05-15 19:07:15 UTC

  libvirt (4.0.0-1ubuntu8.10) bionic-security; urgency=medium

  * SECURITY UPDATE: Add support for md-clear functionality
    - debian/patches/md-clear.patch: Define md-clear CPUID bit in
      src/cpu/cpu_map.xml.
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

 -- Marc Deslauriers <email address hidden> Tue, 14 May 2019 15:11:45 -0400

Source diff to previous version
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory

Version: 4.0.0-1ubuntu8.8 2019-03-14 19:06:56 UTC

  libvirt (4.0.0-1ubuntu8.8) bionic-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference in qemuAgentGetInterfaces
    - debian/patches/CVE-2019-3840.patch: require a reply in
      src/qemu/qemu_agent.c.
    - CVE-2019-3840

 -- Marc Deslauriers <email address hidden> Wed, 13 Mar 2019 08:09:33 -0400

Source diff to previous version
CVE-2019-3840 NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function

Version: 4.0.0-1ubuntu8.2 2018-06-12 13:06:42 UTC

  libvirt (4.0.0-1ubuntu8.2) bionic-security; urgency=medium

  * SECURITY UPDATE: QEMU monitor DoS
    - debian/patches/CVE-2018-1064.patch: add size limit to
      src/qemu/qemu_agent.c.
    - CVE-2018-1064
  * SECURITY UPDATE: Speculative Store Bypass
    - debian/patches/CVE-2018-3639-1.patch: define the 'ssbd' CPUID feature
      bit in src/cpu/cpu_map.xml.
    - debian/patches/CVE-2018-3639-2.patch: define the 'virt-ssbd' CPUID
      feature bit in src/cpu/cpu_map.xml.
    - CVE-2018-3639

 -- Marc Deslauriers <email address hidden> Wed, 23 May 2018 13:23:01 -0400

CVE-2018-1064 libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor
CVE-2018-3639 Speculative Store Bypass



About   -   Send Feedback to @ubuntu_updates