-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-c2e7b82022 2024-06-21 01:15:21.281009 --------------------------------------------------------------------------------
Name : libvirt Product : Fedora 39 Version : 9.7.0 Release : 4.fc39 URL : https://libvirt.org/ Summary : Library providing a simple virtualization API Description : Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support.
-------------------------------------------------------------------------------- Update Information:
Fix crash in event loop (CVE-2024-4418) Fix I/O stall when multiple threads issue RPC calls Fix leak of GSource object Fix leak of udev object reference -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 5 2024 Daniel P. Berrang�� berrange@redhat.com - 9.7.0-4 - Fix crash in event loop (CVE-2024-4418) - Fix I/O stall when multiple threads issue RPC calls - Fix leak of GSource handle - Fix leak of udev reference (rhbz #2266017) - Disable -Werror on mingw builds -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2278616 - CVE-2024-4418 libvirt: stack use-after-free in virNetClientIOEventLoop() https://bugzilla.redhat.com/show_bug.cgi?id=2278616 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-c2e7b82022' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------