openSUSE Security Update : libvirt (openSUSE-2012-78)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- Fix authorization workflow with PolicyKit. polkit.patch
bnc#735403

- Fix qemu default migration speed. It should not be
33554432Mb! 61f2b6ba-no-unlimited-mig2file-speed.patch
d8916dc8-def-qemu-migspeed.patch

- CVE-2011-4600: unintended firewall port exposure after
restarting libvirtd when defining a bridged forward-mode
network ae1232b2-CVE-2011-4600.patch bnc#736082

- Fix default console type setting
209c2880-multiple-consoles-7.patch

- Fix 'virsh console' with Xen HVM
xen-hvm-virsh-console.patch bnc#731974

- Prevent libvirtd crash on 'virsh qemu-attach' when
security_driver is 'none' in /etc/libvirt/qemu.conf
28423019-qemu-attach-crash.patch bnc#735023

- Allow qemu driver (and hence libvirtd) to load when qemu
user:group does not exist. The kvm or qemu package,
which may not exist on a xen host, creates qemu
user:group. relax-qemu-usergroup-check.patch bnc#711096

- Accommodate Xen domctl version 8 xen-domctl-ver8.patch

- Handle empty strings in s-expression returned by xend
a495365d-sexpr-empty-str.patch bnc#731344

- Allow libvirtd to access libvirt_{io,part}helper when
confined by apparmor Update
install-apparmor-profiles.patch bnc#730435

- Fixed to return success when there are no errors while
parsing bonding interface miimon xml node parameters.
bonding-miimon-xml-parsing.patch

Solution :

Update the affected libvirt packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74812 ()

Bugtraq ID:

CVE ID: CVE-2011-4600

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now