[CentOS-announce] CESA-2013:X014 Important Xen4CentOS libvirt Security Update

Mon Nov 25 14:27:37 UTC 2013
Johnny Hughes <johnny at centos.org>

CentOS Errata and Security Advisory 2013:X014 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

ab3a48f7c3dbd4f47cd4676fff16282f852ccc230653fdc64b1e7ec6864fb04d libvirt-0.10.2.8-5.el6.centos.alt.x86_64.rpm
780981c95cbe4dd352b8ecbfd23bcd04abacb6f9a522e45f5dd890acb4bab87a libvirt-client-0.10.2.8-5.el6.centos.alt.x86_64.rpm
bd57d22f0aff2276f3263fb0920614f3fa917a1b5baef37d1e411c131ae480a5 libvirt-daemon-0.10.2.8-5.el6.centos.alt.x86_64.rpm
fbbec7851f73e9fee1d036a080af2c64df42d443452cdf5e9943070bcf4579fc libvirt-daemon-config-network-0.10.2.8-5.el6.centos.alt.x86_64.rpm
df5b7c70bd4f2fa491701d092d29fc4ad8ce2a0cf0b349b0300d7452bdbfdde9 libvirt-daemon-config-nwfilter-0.10.2.8-5.el6.centos.alt.x86_64.rpm
c6b232073043d4829b91533c7ba32ab772aaf28139b5e7973342ecb2b98f97b7 libvirt-daemon-driver-interface-0.10.2.8-5.el6.centos.alt.x86_64.rpm
33b62166a71a086f1a61a096710aca65061fa750025e12899da5ef7e74bfdb16 libvirt-daemon-driver-libxl-0.10.2.8-5.el6.centos.alt.x86_64.rpm
fb1d37174690e4a96bfec95c2cabe56a65e185e0d096f3614fb435cc647e1c69 libvirt-daemon-driver-lxc-0.10.2.8-5.el6.centos.alt.x86_64.rpm
56d26c84705780c9c9c56f7469fb56d4ac7c9f801b406ff153878a4ddc6fb1d2 libvirt-daemon-driver-network-0.10.2.8-5.el6.centos.alt.x86_64.rpm
1fcadda32beaa6cb3d9059cb0ceaa04946f00947230faeede0d4a1b0b6f55af2 libvirt-daemon-driver-nodedev-0.10.2.8-5.el6.centos.alt.x86_64.rpm
39d8709453d808fea84257e6cc3c13c5e94e3b4cd0728c6f12653b9aed0fb416 libvirt-daemon-driver-nwfilter-0.10.2.8-5.el6.centos.alt.x86_64.rpm
940af268c17c9beaf891edb6df16361d7f5ba59665c4b6ab4a87b92ec6b5d6b2 libvirt-daemon-driver-qemu-0.10.2.8-5.el6.centos.alt.x86_64.rpm
d6ff73e1d643f904364b45f5476df098c6b7b81fc2f738cc8118e6977c8b58f0 libvirt-daemon-driver-secret-0.10.2.8-5.el6.centos.alt.x86_64.rpm
f67bf0653579994a919839de854ef6c90429ae150fc6f5d4231fe650c3d42caa libvirt-daemon-driver-storage-0.10.2.8-5.el6.centos.alt.x86_64.rpm
db24201784fa8704367b8e7b64fb2cad272262883b125a6e6fefe6d48f90a4c9 libvirt-daemon-driver-xen-0.10.2.8-5.el6.centos.alt.x86_64.rpm
1df91c45531c2eee12cbf477ece1056a66ea62f8a1190ac9c9c0006ef66eba10 libvirt-daemon-kvm-0.10.2.8-5.el6.centos.alt.x86_64.rpm
b53d71dc6ae1c45f251f2fa04566c4ced34be07278813fb4489ad1bf26a9d709 libvirt-daemon-lxc-0.10.2.8-5.el6.centos.alt.x86_64.rpm
95e0b80e8ab2327e06ad741d0eda8e54e3b62cf8e8707eacb5927c7aa753bae6 libvirt-daemon-xen-0.10.2.8-5.el6.centos.alt.x86_64.rpm
1f0b1021d167b73ff0e96bc13a4d0484eb005f0a551baa6265c79b8d93174bd4 libvirt-devel-0.10.2.8-5.el6.centos.alt.x86_64.rpm
5c968c67c0fd8864a37d27f076b2dda9309ceb20d9909bbb6a6552426f3dbe97 libvirt-docs-0.10.2.8-5.el6.centos.alt.x86_64.rpm
224f5f9faec54b970bf5694614d74bfe9fbb136dab84871881c5de88d22fd75f libvirt-lock-sanlock-0.10.2.8-5.el6.centos.alt.x86_64.rpm
214db0e8afe97848c741f195debd4a70864563963da71940e94c636cb57e4028 libvirt-python-0.10.2.8-5.el6.centos.alt.x86_64.rpm

-----------------------------
Source:
-----------------------------

0736cb1d219fa72766c235c46fc58e356e96eec4324ca1d6503911ad64746398 libvirt-0.10.2.8-5.el6.centos.alt.src.rpm

=====================================================

libvirt Changelog info from the SPEC file:

* Tue Nov 05 2013 Johnny Hughes <johnny at centos.org> 0.10.2.8-5.el6.centos.alt
- upgrade to upstream version 0.10.2.8
- reomve patches 403, 404, 405 as they are rolled in upstream
- added patch 406 from the from libvirt 0.10.2-maint channel
- CVE-2013-4296 is addressed in this update

=====================================================

The following Security issues are addressed in this release:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4296

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net