--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-f910d35647
2019-05-17 01:03:28.819440
--------------------------------------------------------------------------------
Name : libvirt
Product : Fedora 30
Version : 5.1.0
Release : 5.fc30
URL :
https://libvirt.org/
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.
--------------------------------------------------------------------------------
Update Information:
Define md-clear CPUID bit. Assuming an updated host kernel and microcode, the
md-clear bit will be automatically exposed to guests using the QEMU "-cpu host"
arg, or libvirt "host-model" or "host-passthrough" configurations.
Guests using
a named CPU model it must be manually updated to add this extra CPU feature.
Resolves CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 14 2019 Daniel P. Berrang�� <berrange(a)redhat.com> - 5.1.0-5
- Define md-clear CPUID bit
- Resolves: rhbz #1709977 (CVE-2018-12126), rhbz #1709979 (CVE-2018-12127),
rhbz #1709997 (CVE-2018-12130), rhbz #1709984 (CVE-2019-11091)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data
Sampling - Information Leak (MLPDS)
https://bugzilla.redhat.com/show_bug.cgi?id=1667782
[ 2 ] Bug #1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data
Sampling (MSBDS)
https://bugzilla.redhat.com/show_bug.cgi?id=1646781
[ 3 ] Bug #1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling
Uncacheable Memory (MDSUM)
https://bugzilla.redhat.com/show_bug.cgi?id=1705312
[ 4 ] Bug #1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data
Sampling (MFBDS)
https://bugzilla.redhat.com/show_bug.cgi?id=1646784
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-f910d35647' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------