--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-6e146a714c
2019-05-21 01:13:12.142107
--------------------------------------------------------------------------------
Name : libvirt
Product : Fedora 28
Version : 4.1.0
Release : 6.fc28
URL :
https://libvirt.org/
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.
--------------------------------------------------------------------------------
Update Information:
Define md-clear CPUID bit. Assuming an updated host kernel and microcode, the
md-clear bit will be automatically exposed to guests using the QEMU "-cpu host"
arg, or libvirt "host-model" or "host-passthrough" configurations.
Guests using
a named CPU model it must be manually updated to add this extra CPU feature.
Resolves CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 14 2019 Daniel P. Berrang�� <berrange(a)redhat.com> - 4.1.0-6
- Define md-clear CPUID bit
- Resolves: rhbz #1709977 (CVE-2018-12126), rhbz #1709979 (CVE-2018-12127),
rhbz #1709997 (CVE-2018-12130), rhbz #1709984 (CVE-2019-11091)
* Thu Aug 23 2018 Cole Robinson <crobinso(a)redhat.com> - 4.1.0-5
- Fix *LookupBy* APIs hash races (bz #1621471)
- ESX: crash when user sets autostart flags to a domain (bz #1611921)
* Tue Jul 3 2018 Cole Robinson <crobinso(a)redhat.com> - 4.1.0-4
- Fix virtlockd-admin.socket syntax (bz #1586239)
- nwfilter: increase pcap buffer size to be compatible with TPACKET_V3 (bz
* Mon Jun 18 2018 Daniel P. Berrang�� <berrange(a)redhat.com> - 4.1.0-3
- Add new CPU features for speculative store bypass (CVE-2018-3639)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data
Sampling - Information Leak (MLPDS)
https://bugzilla.redhat.com/show_bug.cgi?id=1667782
[ 2 ] Bug #1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data
Sampling (MSBDS)
https://bugzilla.redhat.com/show_bug.cgi?id=1646781
[ 3 ] Bug #1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling
Uncacheable Memory (MDSUM)
https://bugzilla.redhat.com/show_bug.cgi?id=1705312
[ 4 ] Bug #1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data
Sampling (MFBDS)
https://bugzilla.redhat.com/show_bug.cgi?id=1646784
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-6e146a714c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------