SUSE-SU-2020:1208-1
Vulnerability Summary
Timeline
Description
Security update for libvirt This update for libvirt fixes the following issues: Security issues fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths (bsc#1168683). - CVE-2020-12430: Fixed a memory leak in qemuDomainGetStatsIOThread (bsc#1170765). Non-security issues fixed: - Support setting credit2 scheduler parameters for xen (bsc#1162160). - Add SLE 15 and SLE 12 service packs support to 'libvirtd' (bsc#1154093). - Add support boot from 'vfio-ccw'and 'mdev' devices (jsc#SLE-5826, FATE#327355, bsc#1152649). - Fix lock manager lock ordering (bsc#1145774). - Do not define known no-op features. (bsc#1151850). - Enable use of newer libxl APIs for retrieving memory statistics (bsc#1157490, bsc#1167007). - Create multipath targets for qemu PR (bsc#1161883).
Affected Systems
- suse•libvirt&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1
< 5.1.0-8.16.1
- suse•libvirt&distro=SUSE Linux Enterprise Module for Server Applications 15 SP1
< 5.1.0-8.16.1
References (13)
- https://www.suse.com/support/update/announcement/2020/suse-su-20201208-1/
- https://bugzilla.suse.com/1145774
- https://bugzilla.suse.com/1151850
- https://bugzilla.suse.com/1152649
- https://bugzilla.suse.com/1154093
- https://bugzilla.suse.com/1157490
- https://bugzilla.suse.com/1161883
- https://bugzilla.suse.com/1162160
- https://bugzilla.suse.com/1167007
- https://bugzilla.suse.com/1168683
- https://bugzilla.suse.com/1170765
- https://www.suse.com/security/cve/CVE-2020-10703
- https://www.suse.com/security/cve/CVE-2020-12430