Synopsis:          Low: libvirt security update
Advisory ID:       SLSA-2018:1929-1
Issue Date:        2018-06-19
CVE Numbers:       CVE-2018-5748
                   CVE-2018-1064
--

Security Fix(es):

* libvirt: Resource exhaustion via qemuMonitorIORead() method
(CVE-2018-5748)

* libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent
(CVE-2018-1064)
--

SL6
  x86_64
    libvirt-0.10.2-64.el6.x86_64.rpm
    libvirt-client-0.10.2-64.el6.i686.rpm
    libvirt-client-0.10.2-64.el6.x86_64.rpm
    libvirt-debuginfo-0.10.2-64.el6.i686.rpm
    libvirt-debuginfo-0.10.2-64.el6.x86_64.rpm
    libvirt-python-0.10.2-64.el6.x86_64.rpm
    libvirt-devel-0.10.2-64.el6.i686.rpm
    libvirt-devel-0.10.2-64.el6.x86_64.rpm
    libvirt-lock-sanlock-0.10.2-64.el6.x86_64.rpm
  i386
    libvirt-0.10.2-64.el6.i686.rpm
    libvirt-client-0.10.2-64.el6.i686.rpm
    libvirt-debuginfo-0.10.2-64.el6.i686.rpm
    libvirt-python-0.10.2-64.el6.i686.rpm
    libvirt-devel-0.10.2-64.el6.i686.rpm

- Scientific Linux Development Team