| libvirt-daemon-kvm-4.5.0-36.el7_9.3.x86_64
              [201 KiB] | Changelog
              by Jiri Denemark (2020-10-20): - rpc: gendispatch: handle empty flags (CVE-2020-25637)
- rpc: add support for filtering @acls by uint params (CVE-2020-25637)
- rpc: require write acl for guest agent in virDomainInterfaceAddresses (CVE-2020-25637)
- qemu: agent: set ifname to NULL after freeing (CVE-2020-25637)
- conf: properly clear out autogenerated macvtap names when formatting/parsing (rhbz#1868549) | 
            | libvirt-daemon-kvm-4.5.0-36.el7.x86_64
              [200 KiB] | Changelog
              by Jiri Denemark (2020-05-13): - virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support (rhbz#1823976)
- virDevMapperGetTargetsImpl: quit early if device is not a devmapper target (rhbz#1823976) | 
            | libvirt-daemon-kvm-4.5.0-23.el7.x86_64
              [194 KiB] | Changelog
              by Jiri Denemark (2019-06-20): - api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168) | 
            | libvirt-daemon-kvm-4.5.0-10.el7_6.12.x86_64
              [183 KiB] | Changelog
              by Jiri Denemark (2019-06-18): - api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168) | 
            | libvirt-daemon-kvm-4.5.0-10.el7_6.10.x86_64
              [183 KiB] | Changelog
              by Jiri Denemark (2019-05-16): - virnwfilterbindingobj: Introduce and use virNWFilterBindingObjStealDef (rhbz#1702173)
- admin: reject clients unless their UID matches the current UID (CVE-2019-10132)
- locking: restrict sockets to mode 0600 (CVE-2019-10132)
- logging: restrict sockets to mode 0600 (CVE-2019-10132) | 
            | libvirt-daemon-kvm-4.5.0-10.el7_6.9.x86_64
              [183 KiB] | Changelog
              by Jiri Denemark (2019-04-16): - qemu: Don't cache microcode version (CVE-2018-12127, CVE-2018-12126, CVE-2018-12130) | 
            | libvirt-daemon-kvm-4.5.0-10.el7.x86_64
              [179 KiB] | Changelog
              by Jiri Denemark (2018-09-18): - conf: correct false boot order error during domain parse (rhbz#1601318) | 
            | libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64
              [172 KiB] | Changelog
              by Jiri Denemark (2018-06-05): - logging: Don't inhibit shutdown in system daemon (rhbz#1573268)
- util: don't check for parallel iteration in hash-related functions (rhbz#1581364)
- cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
- virNumaGetHugePageInfo: Return page_avail and page_free as ULL (rhbz#1582418) | 
            | libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64
              [171 KiB] | Changelog
              by Jiri Denemark (2018-05-10): - cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639) | 
            | libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64
              [171 KiB] | Changelog
              by Jiri Denemark (2018-04-13): - lxc: Drop useless check in live device update (rhbz#1557922)
- Pass oldDev to virDomainDefCompatibleDevice on device update (rhbz#1557922)
- qemu: Fix updating device with boot order (rhbz#1557922)
- conf: Fix crash in virDomainDefCompatibleDevice (rhbz#1557922)
- vmx: check for present/enabled devices earlier (rhbz#1566524)
- vmx: allocate space for network interfaces if needed (rhbz#1566524)
- internal: add STRCASEPREFIX (rhbz#1566524)
- vmx: convert any amount of NICs (rhbz#1566524)
- qemu: Use dynamic buffer for storing PTY aliases (rhbz#1566525)
- qemu: avoid denial of service reading from QEMU monitor (CVE-2018-5748) (CVE-2018-5748)
- qemu: avoid denial of service reading from QEMU guest agent (CVE-2018-1064) (CVE-2018-1064) | 
            | libvirt-daemon-kvm-3.2.0-14.el7_4.7.x86_64
              [156 KiB] | Changelog
              by Jiri Denemark (2017-12-19): - qemu: Properly store microcode version in QEMU caps cache (CVE-2017-5715) | 
            | libvirt-daemon-kvm-2.0.0-10.el7.x86_64
              [134 KiB] | Changelog
              by Jiri Denemark (2016-09-21): - virtlogd: Don't stop or restart along with libvirtd (rhbz#1372576) |