Test ID:	1.3.6.1.4.1.25623.1.0.69924
Category:	Fedora Local Security Checks
Title:	Fedora Core 15 FEDORA-2011-9091 (libvirt)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libvirt announced via advisory FEDORA-2011-9091. Update Information: Fix for CVE-2011-2178, regression introduced in disk probe logic, Fix for CVE-2011-2511, integer overflow in VirDomainGetVcpus Make commandtest more robust, Add ARM to NUMA excludes Add several build and runtime dependencies to specfile References: [ 1 ] Bug #680270 - libvirt-client is missing some dependencies https://bugzilla.redhat.com/show_bug.cgi?id=680270 [ 2 ] Bug #717204 - CVE-2011-2511 libvirt: integer overflow in VirDomainGetVcpus [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=717204 [ 3 ] Bug #709775 - CVE-2011-2178 libvirt: regression introduced in disk probe logic [fedora-15] https://bugzilla.redhat.com/show_bug.cgi?id=709775 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update libvirt' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2011-9091 Risk factor : Medium CVSS Score: 4.4
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2178 FEDORA-2011-9091 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html USN-1152-1 http://www.ubuntu.com/usn/USN-1152-1 [libvirt] 20110531 [PATCH] security: plug regression introduced in disk probe logic https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html http://libvirt.org/news.html http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-2178.html https://bugzilla.redhat.com/show_bug.cgi?id=709769 https://bugzilla.redhat.com/show_bug.cgi?id=709775 openSUSE-SU-2011:0643 http://lists.opensuse.org/opensuse-updates/2011-06/msg00030.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2511 1025822 http://www.securitytracker.com/id?1025822 45375 http://secunia.com/advisories/45375 45441 http://secunia.com/advisories/45441 45446 http://secunia.com/advisories/45446 DSA-2280 http://www.debian.org/security/2011/dsa-2280 FEDORA-2011-9062 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html RHSA-2011:1019 http://www.redhat.com/support/errata/RHSA-2011-1019.html RHSA-2011:1197 http://www.redhat.com/support/errata/RHSA-2011-1197.html SUSE-SU-2011:0837 https://hermes.opensuse.org/messages/10027908 USN-1180-1 http://www.ubuntu.com/usn/USN-1180-1 [libvirt] 20110624 [PATCH 2/2] remote: protect against integer overflow https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html [oss-security] 20110628 CVE request: libvirt: integer overflow in VirDomainGetVcpus http://www.openwall.com/lists/oss-security/2011/06/28/9 libvirt-virdomaingetvcpus-bo(68271) https://exchange.xforce.ibmcloud.com/vulnerabilities/68271
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.