| Name: | libvirt-nss |
|---|---|
| Version: | 4.5.0 |
| Release: | 24.3.0.1.module+el8.0.0+5339+ebcc8ca7 |
| Architecture: | i686 |
| Module: | virt-devel:ol:8000020190828150510:0ef15cf1 |
| Group: | Unspecified |
| Size: | 786332 |
| License: | LGPLv2+ |
| RPM: | libvirt-nss-4.5.0-24.3.0.1.module+el8.0.0+5339+ebcc8ca7.i686.rpm |
| Source RPM: | libvirt-4.5.0-24.3.0.1.module+el8.0.0+5339+ebcc8ca7.src.rpm |
| Build Date: | Mon Sep 16 2019 |
| Build Host: | jenkins-10-147-72-125-9a95183b-fc42-493c-aff0-9dc271726145.appad1iad.osdevelopmeniad.oraclevcn.com |
| Vendor: | Oracle America |
| URL: | https://libvirt.org/ |
| Summary: | Libvirt plugin for Name Service Switch |
| Description: | Libvirt plugin for NSS for translating domain names into IP addresses. |
- added librbd1 as dependency (Keshav Sharma)
- Rebuild all virt packages to fix RHEL's upgrade path - Resolves: rhbz#1696354 (Ensure modular RPM upgrade path [ZStream Clone] [rhel-8.0.0.z])
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161) - api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166) - api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167) - api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)
- admin: reject clients unless their UID matches the current UID (CVE-2019-10132) - locking: restrict sockets to mode 0600 (CVE-2019-10132) - logging: restrict sockets to mode 0600 (CVE-2019-10132)
- cpu_x86: Do not cache microcode version (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127) - qemu: Don't cache microcode version (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127) - cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127) - cpu_map: Define md-clear CPUID bit (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
- network: explicitly allow icmp/icmpv6 in libvirt zonefile (rhbz#1650320)
- util: fix memory leak in virFirewallDInterfaceSetZone() (rhbz#1650320)
- docs: Drop /dev/net/tun from the list of shared devices (rhbz#1665400) - qemu: conf: Remove /dev/sev from the default cgroup device acl list (rhbz#1665400) - qemu: cgroup: Expose /dev/sev/ only to domains that require SEV (rhbz#1665400) - qemu: domain: Add /dev/sev into the domain mount namespace selectively (rhbz#1665400) - security: dac: Relabel /dev/sev in the namespace (rhbz#1665400) - qemu: caps: Use CAP_DAC_OVERRIDE for probing to avoid permission issues (rhbz#1665400) - qemu: caps: Don't try to ask for CAP_DAC_OVERRIDE if non-root (rhbz#1665400) - Revert "RHEL: Require firewalld-filesystem for firewalld rpm macros" (rhbz#1650320) - Revert "RHEL: network: regain guest network connectivity after firewalld switch to nftables" (rhbz#1650320) - configure: change HAVE_FIREWALLD to WITH_FIREWALLD (rhbz#1650320) - util: move all firewalld-specific stuff into its own files (rhbz#1650320) - util: new virFirewallD APIs + docs (rhbz#1650320) - configure: selectively install a firewalld 'libvirt' zone (rhbz#1650320) - network: set firewalld zone of bridges to "libvirt" zone when appropriate (rhbz#1650320) - network: allow configuring firewalld zone for virtual network bridge device (rhbz#1650320) - util: remove test code accidentally committed to virFirewallDZoneExists (rhbz#1650320) - qemu: command: Don't skip 'readonly' and throttling info for empty drive (rhbz#1670337)
- RHEL: qemu: Fix crash trying to use iSCSI hostdev (rhbz#1669424)
- qemu: Fix logic error in qemuSetUnprivSGIO (rhbz#1666605) - tests: qemuxml2argv: Add test case for empty CDROM with cache mode (rhbz#1553255) - qemu: command: Don't format image properties for empty -drive (rhbz#1553255)