[SECURITY] Fedora 16 Update: libvirt-0.9.6-4.fc16

updates at fedoraproject.org updates at fedoraproject.org
Thu Jan 5 21:00:08 UTC 2012

Fedora Update Notification
2011-12-22 21:43:19

Name        : libvirt
Product     : Fedora 16
Version     : 0.9.6
Release     : 4.fc16
URL         : http://libvirt.org/
Summary     : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.

Update Information:

This release of libvirt fixes a minor security problem with extraneous iptables rules being added when an externally managed network (new feature in 0.9.4) exists, along with several bugfixes. Another important change in this release is code to automatically convert guest definitions containing the deprecated "fedora-13" machine type over to "pc-0.14" - support for the "fedora-13" machine type will be removed from qemu in Fedora 17, so all guests will need to be reconfigured before that time; the code in this update handles the reconfiguration automatically.

* Mon Dec 19 2011 Laine Stump <laine at redhat.com> - 0.9.6-4
- replace "fedora-13" machine type with "pc-0.14" to prepare
  systems for removal of "fedora-13" from qemu - Bug 754772
- don't add iptables rules for externally managed networks
  - Buf 765964 / CVE-2011-4600
- specfile changes
  - Bug 761329 don't use chkconfig --list
  - Bug 758896 mark directories in /var/run as ghosts
  - Bug 738725 fix logic bug in deciding to turn on cgconfig
  - Bug 754909 add dmidecode as a prerequisite
- new async-safe time API + make logging async signal sage wrt.
  time stamp generation - Bug 757382 (this required
  enabling autoconf during the build)
* Tue Oct 11 2011 Dan HorĂ¡k <dan[at]danny.cz> - 0.9.6-3
- xenlight available only on Xen arches (#745020)

  [ 1 ] Bug #754772 - Convert all uses of "fedora-13" machine type into "pc-0.14"
  [ 2 ] Bug #766104 - CVE-2011-4600 libvirt: unintended firewall port exposure after restarting libvirtd when defining a bridged forward-mode network [fedora-16]
  [ 3 ] Bug #761329 - should use systemctl instead of chkconfig --list
  [ 4 ] Bug #758896 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
  [ 5 ] Bug #757382 - libvirt occasionally has a failure and is non-operational afterwards
  [ 6 ] Bug #738725 - installing libvirt issues warnings due to outdated spec file %postinstalls
  [ 7 ] Bug #754909 - libvirt: Failed to find path for dmidecode binary

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libvirt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list