[USN-1008-3] libvirt update

Jamie Strandboge jamie at canonical.com
Sat Oct 23 14:39:20 UTC 2010


===========================================================
Ubuntu Security Notice USN-1008-3           October 23, 2010
libvirt update
https://launchpad.net/bugs/665182
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
  libvirt-bin                     0.7.5-5ubuntu27.6
  libvirt0                        0.7.5-5ubuntu27.6

In general, a standard system update will make all the necessary changes.

Details follow:

USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04
LTS reverted a recent bug fix update. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that libvirt would probe disk backing stores without
 consulting the defined format for the disk. A privileged attacker in the
 guest could exploit this to read arbitrary files on the host. This issue
 only affected Ubuntu 10.04 LTS. By default, guests are confined by an
 AppArmor profile which provided partial protection against this flaw.
 (CVE-2010-2237, CVE-2010-2238)
 
 It was discovered that libvirt would create new VMs without setting a
 backing store format. A privileged attacker in the guest could exploit this
 to read arbitrary files on the host. This issue did not affect Ubuntu 8.04
 LTS. In Ubuntu 9.10 and later, guests are confined by an AppArmor profile
 which provided partial protection against this flaw. (CVE-2010-2239)
 
 Jeremy Nickurak discovered that libvirt created iptables rules with too
 lenient mappings of source ports. A privileged attacker in the guest could
 bypass intended restrictions to access privileged resources on the host.
 (CVE-2010-2242)


Updated packages for Ubuntu 10.04 LTS:



