--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-527698a904
2018-06-21 14:58:47.871533
--------------------------------------------------------------------------------
Name : libvirt
Product : Fedora 28
Version : 4.1.0
Release : 3.fc28
URL :
https://libvirt.org/
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.
--------------------------------------------------------------------------------
Update Information:
Add new CPU features for speculative store bypass (CVE-2018-3639) On Intel x86
hosts, the "ssbd" feature must be explicitly added to any virtual machines that
are not using host-passthrough/host-model CPU setup. NB this requires new
microcode too, which is not yet available in Fedora microcode_ctl RPMs. On AMD
x86 hosts, the "virt-ssbd" feature must be explicitly added to any virtual
machines that are not using host-passthrough/host-model CPU setup. There is no
microcode dependency for AMD as this is a virtualized CPUID feature. In both
cases, kernel >= 4.16.10-301 is required on the host and guest in order to
activate the fix. QEMU >= qemu-2.11.1-3.fc28 is also required on the host
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 18 2018 Daniel P. Berrang�� <berrange(a)redhat.com> - 4.1.0-3
- Add new CPU features for speculative store bypass (CVE-2018-3639)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1566890
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-527698a904' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------