Synopsis: Low: libguestfs security, bug fix, and enhancement update Issue Date: 2012-06-20 CVE Numbers: CVE-2012-2690 libguestfs is a library for accessing and modifying guest disk images. It was found that editing files with virt-edit left said files in a world-readable state (and did not preserve the file owner or Security-Enhanced Linux context). If an administrator on the host used virt-edit to edit a file inside a guest, the file would be left with world-readable permissions. This could lead to unprivileged guest users accessing files they would otherwise be unable to. (CVE-2012-2690) These updated libguestfs packages include numerous bug fixes and enhancements. Users of libguestfs are advised to upgrade to these updated packages, which fix these issues and add these enhancements. SL6: x86_64 libguestfs-1.16.19-1.el6.x86_64.rpm libguestfs-debuginfo-1.16.19-1.el6.x86_64.rpm libguestfs-devel-1.16.19-1.el6.x86_64.rpm libguestfs-java-1.16.19-1.el6.x86_64.rpm libguestfs-java-devel-1.16.19-1.el6.x86_64.rpm libguestfs-javadoc-1.16.19-1.el6.x86_64.rpm libguestfs-tools-1.16.19-1.el6.x86_64.rpm libguestfs-tools-c-1.16.19-1.el6.x86_64.rpm ocaml-libguestfs-1.16.19-1.el6.x86_64.rpm ocaml-libguestfs-devel-1.16.19-1.el6.x86_64.rpm perl-Sys-Guestfs-1.16.19-1.el6.x86_64.rpm python-libguestfs-1.16.19-1.el6.x86_64.rpm ruby-libguestfs-1.16.19-1.el6.x86_64.rpm - Scientific Linux Development Team