Synopsis: Moderate: libvirt security update Advisory ID: SLSA-2019:1578-1 Issue Date: 2019-06-20 CVE Numbers: CVE-2019-10161 -- Security Fix(es): * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) -- SL6 x86_64 libvirt-0.10.2-64.el6_10.2.x86_64.rpm libvirt-client-0.10.2-64.el6_10.2.i686.rpm libvirt-client-0.10.2-64.el6_10.2.x86_64.rpm libvirt-debuginfo-0.10.2-64.el6_10.2.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.2.x86_64.rpm libvirt-python-0.10.2-64.el6_10.2.x86_64.rpm libvirt-devel-0.10.2-64.el6_10.2.i686.rpm libvirt-devel-0.10.2-64.el6_10.2.x86_64.rpm libvirt-lock-sanlock-0.10.2-64.el6_10.2.x86_64.rpm i386 libvirt-0.10.2-64.el6_10.2.i686.rpm libvirt-client-0.10.2-64.el6_10.2.i686.rpm libvirt-debuginfo-0.10.2-64.el6_10.2.i686.rpm libvirt-python-0.10.2-64.el6_10.2.i686.rpm libvirt-devel-0.10.2-64.el6_10.2.i686.rpm - Scientific Linux Development Team