Red Hat Bugzilla – Bug 709775
CVE-2011-2178 libvirt: regression introduced in disk probe logic [fedora-15]
Last modified: 2011-07-12 00:59:52 EDT
fedora-15 tracking bug for libvirt: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
This upstream commit needs to be backported to F15:
Author: Eric Blake <firstname.lastname@example.org>
Date: Thu May 26 08:18:46 2011 -0600
security: plug regression introduced in disk probe logic
wrong sizeof operand meant that security manager private data
was overlaying the allowDiskFormatProbing member of struct
_virSecurityManager. This reopens disk probing, which was
supposed to be prevented by the solution to CVE-2010-2238.
(virSecurityManagerGetPrivateData): Use correct offset.
libvirt-0.8.8-7.fc15 has been submitted as an update for Fedora 15.
* should fix your issue,
* was pushed to the Fedora 15 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing libvirt-0.8.8-7.fc15'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
libvirt-0.8.8-7.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.