{"affected":[{"ecosystem_specific":{"binaries":[{"libvirt":"1.2.5-21.1","libvirt-client":"1.2.5-21.1","libvirt-client-32bit":"1.2.5-21.1","libvirt-daemon":"1.2.5-21.1","libvirt-daemon-config-network":"1.2.5-21.1","libvirt-daemon-config-nwfilter":"1.2.5-21.1","libvirt-daemon-driver-interface":"1.2.5-21.1","libvirt-daemon-driver-libxl":"1.2.5-21.1","libvirt-daemon-driver-lxc":"1.2.5-21.1","libvirt-daemon-driver-network":"1.2.5-21.1","libvirt-daemon-driver-nodedev":"1.2.5-21.1","libvirt-daemon-driver-nwfilter":"1.2.5-21.1","libvirt-daemon-driver-qemu":"1.2.5-21.1","libvirt-daemon-driver-secret":"1.2.5-21.1","libvirt-daemon-driver-storage":"1.2.5-21.1","libvirt-daemon-lxc":"1.2.5-21.1","libvirt-daemon-qemu":"1.2.5-21.1","libvirt-daemon-xen":"1.2.5-21.1","libvirt-doc":"1.2.5-21.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.5-21.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvirt-devel":"1.2.5-21.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.5-21.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvirt":"1.2.5-21.1","libvirt-client":"1.2.5-21.1","libvirt-daemon":"1.2.5-21.1","libvirt-daemon-config-network":"1.2.5-21.1","libvirt-daemon-config-nwfilter":"1.2.5-21.1","libvirt-daemon-driver-interface":"1.2.5-21.1","libvirt-daemon-driver-libxl":"1.2.5-21.1","libvirt-daemon-driver-lxc":"1.2.5-21.1","libvirt-daemon-driver-network":"1.2.5-21.1","libvirt-daemon-driver-nodedev":"1.2.5-21.1","libvirt-daemon-driver-nwfilter":"1.2.5-21.1","libvirt-daemon-driver-qemu":"1.2.5-21.1","libvirt-daemon-driver-secret":"1.2.5-21.1","libvirt-daemon-driver-storage":"1.2.5-21.1","libvirt-daemon-lxc":"1.2.5-21.1","libvirt-daemon-qemu":"1.2.5-21.1","libvirt-daemon-xen":"1.2.5-21.1","libvirt-doc":"1.2.5-21.1","libvirt-lock-sanlock":"1.2.5-21.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.5-21.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvirt":"1.2.5-21.1","libvirt-client":"1.2.5-21.1","libvirt-daemon":"1.2.5-21.1","libvirt-daemon-config-network":"1.2.5-21.1","libvirt-daemon-config-nwfilter":"1.2.5-21.1","libvirt-daemon-driver-interface":"1.2.5-21.1","libvirt-daemon-driver-libxl":"1.2.5-21.1","libvirt-daemon-driver-lxc":"1.2.5-21.1","libvirt-daemon-driver-network":"1.2.5-21.1","libvirt-daemon-driver-nodedev":"1.2.5-21.1","libvirt-daemon-driver-nwfilter":"1.2.5-21.1","libvirt-daemon-driver-qemu":"1.2.5-21.1","libvirt-daemon-driver-secret":"1.2.5-21.1","libvirt-daemon-driver-storage":"1.2.5-21.1","libvirt-daemon-lxc":"1.2.5-21.1","libvirt-daemon-qemu":"1.2.5-21.1","libvirt-daemon-xen":"1.2.5-21.1","libvirt-doc":"1.2.5-21.1","libvirt-lock-sanlock":"1.2.5-21.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.5-21.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvirt-client-32bit":"1.2.5-21.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.5-21.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"libvirt was updated to fix security issues and bugs.\n\nThese security issues were fixed:\n- Fixed denial of service flaw in libvirt's virConnectListAllDomains() function (CVE-2014-3657).\n- Information leak with flag VIR_DOMAIN_XML_MIGRATABLE (CVE-2014-7823).\n- local denial of service in qemu driver (CVE-2014-8136)\n\nThese non-security issues were fixed:\n- Get /proc/sys/net/ipv[46] read-write for wicked to work in containers (bsc#904432).\n- libxl: Several migration improvements (bsc#903756).\n- libxl: allow libxl to find pygrub binary (bdo#770485).\n- Fix Qemu AppArmor abstraction (bsc#904426).\n- AppArmor confined kvm domains couldn't find the apparmor profile template (bnc#902976).\n- Backport commit c110cdb2 to fix non-raw storage format error (bnc#900587).\n- qemu: use systemd's TerminateMachine to kill all processes (bsc#899334).\n- Transformed Errors into warnings in detect_scsi_host_caps.\n- Fix a missing cleanup for lxc containers.\n- Adding network configuration to containers. bsc#904432\n","id":"SUSE-SU-2015:0241-1","modified":"2015-01-08T09:48:42Z","published":"2015-01-08T09:48:42Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150241-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/891936"},{"type":"REPORT","url":"https://bugzilla.suse.com/899334"},{"type":"REPORT","url":"https://bugzilla.suse.com/899484"},{"type":"REPORT","url":"https://bugzilla.suse.com/900587"},{"type":"REPORT","url":"https://bugzilla.suse.com/902976"},{"type":"REPORT","url":"https://bugzilla.suse.com/903756"},{"type":"REPORT","url":"https://bugzilla.suse.com/904176"},{"type":"REPORT","url":"https://bugzilla.suse.com/904426"},{"type":"REPORT","url":"https://bugzilla.suse.com/904432"},{"type":"REPORT","url":"https://bugzilla.suse.com/909828"},{"type":"REPORT","url":"https://bugzilla.suse.com/910862"},{"type":"REPORT","url":"https://bugzilla.suse.com/911737"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3657"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-7823"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-8136"}],"related":["CVE-2014-3657","CVE-2014-7823","CVE-2014-8136"],"summary":"Security update for libvirt","upstream":["CVE-2014-3657","CVE-2014-7823","CVE-2014-8136"]}