{"affected":[{"ecosystem_specific":{"binaries":[{"libvirt":"1.0.5.9-21.5.1","libvirt-client":"1.0.5.9-21.5.1","libvirt-doc":"1.0.5.9-21.5.1","libvirt-lock-sanlock":"1.0.5.9-21.5.1","libvirt-python":"1.0.5.9-21.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.5.9-21.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvirt":"1.0.5.9-21.5.1","libvirt-client":"1.0.5.9-21.5.1","libvirt-client-32bit":"1.0.5.9-21.5.1","libvirt-doc":"1.0.5.9-21.5.1","libvirt-lock-sanlock":"1.0.5.9-21.5.1","libvirt-python":"1.0.5.9-21.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3-LTSS","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.5.9-21.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvirt":"1.0.5.9-21.5.1","libvirt-client":"1.0.5.9-21.5.1","libvirt-client-32bit":"1.0.5.9-21.5.1","libvirt-doc":"1.0.5.9-21.5.1","libvirt-lock-sanlock":"1.0.5.9-21.5.1","libvirt-python":"1.0.5.9-21.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3-TERADATA","name":"libvirt","purl":"pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.5.9-21.5.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libvirt fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2017-5715: Spectre fixes for libvirt (bsc#1079869, bsc#1088147, bsc#1087887).\n- CVE-2018-1064: Avoid denial of service reading from QEMU guest agent (bsc#1083625).\n- CVE-2018-5748: Avoid denial of service reading from QEMU monitor (bsc#1076500).\n\nBug fixes:\n\n- bsc#1025340: Use xend for nodeGetFreeMemory API.\n- bsc#960742: Allow read access to script directories in libvirtd AppArmor profile.\n- bsc#936233: Introduce qemuDomainDefCheckABIStability.\n","id":"SUSE-SU-2018:1295-1","modified":"2018-05-15T13:11:23Z","published":"2018-05-15T13:11:23Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20181295-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1025340"},{"type":"REPORT","url":"https://bugzilla.suse.com/1076500"},{"type":"REPORT","url":"https://bugzilla.suse.com/1079869"},{"type":"REPORT","url":"https://bugzilla.suse.com/1083625"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087887"},{"type":"REPORT","url":"https://bugzilla.suse.com/1088147"},{"type":"REPORT","url":"https://bugzilla.suse.com/936233"},{"type":"REPORT","url":"https://bugzilla.suse.com/960742"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1064"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-5748"}],"related":["CVE-2017-5715","CVE-2018-1064","CVE-2018-5748"],"summary":"Security update for libvirt","upstream":["CVE-2017-5715","CVE-2018-1064","CVE-2018-5748"]}