 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.4.2013.1642.1 |
| Category: | SuSE Local Security Checks |
| Title: | SUSE: Security Advisory (SUSE-SU-2013:1642-1) |
| Summary: | The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2013:1642-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2013:1642-1 advisory. Vulnerability Insight: libvirt has been updated to the 1.0.5.6 stable release that fixes bugs and security issues: * CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats * CVE-2013-5651: virBitmapParse out-of-bounds read access Libvirt on SLES 11 SP3 is not affected: * CVE-2013-4311: Add support for using 3-arg pkcheck syntax for process () * CVE-2013-4291: security: provide supplemental groups even when parsing label () Changes in this version: * virsh: fix change-media bug on disk block type * Include process start time when doing polkit checks * qemuDomainChangeGraphics: Check listen address change by listen type * python: return dictionary without value in case of no blockjob * virbitmap: Refactor virBitmapParse to avoid access beyond bounds of array Also the following bug has been fixed: * Fix retrieval of SRIOV VF info, which prevented using some SRIOV virtual functions in guest domains with '' (bnc#837329) Security Issue references: * CVE-2013-4296 > * CVE-2013-5651 > Affected Software/OS: 'libvirt' package(s) on SUSE Linux Enterprise Desktop 11-SP3, SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Software Development Kit 11-SP3. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-4291 http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=fe11d34a6d46d6641ce90dc665164fda7bb6bff8 http://libvirt.org/news.html http://wiki.libvirt.org/page/Maintenance_Releases https://bugzilla.redhat.com/show_bug.cgi?id=1006509 Common Vulnerability Exposure (CVE) ID: CVE-2013-4296 60895 http://secunia.com/advisories/60895 DSA-2764 http://www.debian.org/security/2013/dsa-2764 GLSA-201412-04 http://security.gentoo.org/glsa/glsa-201412-04.xml RHSA-2013:1272 http://rhn.redhat.com/errata/RHSA-2013-1272.html RHSA-2013:1460 http://rhn.redhat.com/errata/RHSA-2013-1460.html USN-1954-1 http://www.ubuntu.com/usn/USN-1954-1 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0 https://bugzilla.redhat.com/show_bug.cgi?id=1006173 openSUSE-SU-2013:1549 http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html openSUSE-SU-2013:1550 http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4311 [oss-security] 20130918 Re: Fwd: [vs-plain] polkit races http://www.openwall.com/lists/oss-security/2013/09/18/6 Common Vulnerability Exposure (CVE) ID: CVE-2013-5651 http://www.openwall.com/lists/oss-security/2013/08/30/1 SuSE Security Announcement: openSUSE-SU-2013:1550 (Google Search) |
| Copyright | Copyright (C) 2021 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |