This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
virt-v2v is a tool for converting and importing virtual machines to
libvirt-managed KVM (Kernel-based Virtual Machine).
Using virt-v2v to convert a guest that has a password-protected VNC
console to a KVM guest removed that password protection from the
converted guest: after conversion, a password was not required to
access the converted guest's VNC console. Now, converted guests will
require the same VNC console password as the original guest. Note that
when converting a guest to run on RHEV, virt-v2v will display a
warning that VNC passwords are not supported. (CVE-2011-1773)
Bug fixes :
- When converting a guest virtual machine (VM), whose name
contained certain characters, virt-v2v would create a
converted guest with a corrupted name. Now, virt-v2v
will not corrupt guest names.
- There were numerous usability issues when running
virt-v2v as a non-root user. This update makes it
simpler to run virt-v2v as a non-root user.
- virt-v2v failed to convert a Microsoft Windows guest
with Windows Recovery Console installed in a separate
partition. Now, virt-v2v will successfully convert a
guest with Windows Recovery Console installed in a
separate partition by ignoring that partition.
- virt-v2v failed to convert a Linux guest which did not
have the symlink '/boot/grub/menu.lst'. With this
update, virt-v2v can select a grub configuration file
from several places.
- This update removes information about the usage of
deprecated command line options in the virt-v2v man
- virt-v2v would fail to correctly change the allocation
policy, (sparse or preallocated) when converting a guest
with QCOW2 image format. The error message 'Cannot
import VM, The selected disk configuration is not
supported' was displayed. With this update, allocation
policy changes to a guest with QCOW2 storage will work
- The options '--network' and '--bridge' can not be used
in conjunction when converting a guest, but no error
message was displayed. With this update, virt-v2v will
now display an error message if the mutually exclusive
'--network' and '--bridge' command line options are both
- virt-v2v failed to convert a multi-boot guest, and did
not clean up temporary storage and mount points after
failure. With this update, virt-v2v will prompt for
which operating system to convert from a multi-boot
guest, and will correctly clean up if the process fails.
- virt-v2v failed to correctly configure modprobe aliases
when converting a VMware ESX guest with VMware Tools
installed. With this update, modprobe aliases will be
- When converting a guest with preallocated raw storage
using the libvirtxml input method, virt-v2v failed with
the erroneous error message 'size(X) < usage(Y)'. This
update removes this erroneous error.
- When converting a Linux guest, virt-v2v did not check
that the Cirrus X driver was available before
configuring it. With this update, virt-v2v will attempt
to install the Cirrus X driver if it is required.
- VirtIO systems do not support the Windows Recovery
Console on 32-bit Windows XP. The virt-v2v man page has
been updated to note this. On Windows XP Professional
x64 Edition, however, if Windows Recovery Console is
re-installed after conversion, it will work as expected.
- Placing comments in the guest fstab file by means of the
leading '#' symbol caused an 'unknown filesystem' error
after conversion of a guest. With this update comments
can now be used and error messages will not be
Users of virt-v2v should upgrade to this updated package, which fixes
these issues and upgrades virt-v2v to version 0.8.3.
See also :
Update the affected virt-v2v package.
Risk factor :
Medium / CVSS Base Score : 4.4
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 61201 ()
CVE ID: CVE-2011-1773