SynopsisThe remote Fedora host is missing a security update.
Description- Rebased to version 188.8.131.52
- CVE-2014-8131: deadlock and segfault in qemuConnectGetAllDomainStats (bz #1172571)
- CVE-2015-0236: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects (bz #1185769)
- CVE-2014-8136: local denial of service in qemu/qemu_driver.c (bz #1176179)
- Fix crash parsing nbd URIs (bz #1188644)
- Fix domain startup failing with 'strict' mode in numatune (bz #1168672)
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected libvirt package.