From 93cbbb2ce8b1e196e7a22fd43a31fe8c932b9605 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Wed, 15 Sep 2021 22:56:40 +0200 Subject: [PATCH] package/libvirt: security bump to version 7.7.0 - storage: Unlock pool objects on ACL check failures in storagePoolLookupByTargetPath (CVE-2021-3667) A logic bug in storagePoolLookupByTargetPath where the storage pool object was left locked after a failure of the ACL check could potentially deprive legitimate users access to a storage pool object by users who don't have access. - svirt: fix MCS label generation (CVE-2021-3631) A flaw in the way MCS labels were generated could result in a VM's resource not being fully protected from access by another VM were it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153 - Disable Cloud-Hypervisor driver added by https://gitlab.com/libvirt/libvirt/-/commit/56fbabf1a1e272c6cc50adcb603996cf8e94ad08 - Update indentation in hash file (two spaces) https://gitlab.com/libvirt/libvirt/-/blob/v7.7.0/NEWS.rst Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN --- package/libvirt/libvirt.hash | 4 ++-- package/libvirt/libvirt.mk | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/package/libvirt/libvirt.hash b/package/libvirt/libvirt.hash index ec96dfc62c..e8cbb34e2a 100644 --- a/package/libvirt/libvirt.hash +++ b/package/libvirt/libvirt.hash @@ -1,3 +1,3 @@ # locally computed -sha256 b366d73dee6ce77a226bedef592e0620ceb8e22e5998f60768017f79fc4ead26 libvirt-7.4.0.tar.xz -sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING +sha256 1b616099c18d14b9424a622f2a0bd3e0cfa286414f3416bd1a8173621b2252b2 libvirt-7.7.0.tar.xz +sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk index f30baaab71..0f6c7cef7f 100644 --- a/package/libvirt/libvirt.mk +++ b/package/libvirt/libvirt.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBVIRT_VERSION = 7.4.0 +LIBVIRT_VERSION = 7.7.0 LIBVIRT_SITE = https://libvirt.org/sources LIBVIRT_SOURCE = libvirt-$(LIBVIRT_VERSION).tar.xz LIBVIRT_LICENSE = LGPL-2.1+ @@ -35,6 +35,7 @@ LIBVIRT_CONF_OPTS = \ -Dapparmor=disabled \ -Ddocs=disabled \ -Ddriver_bhyve=disabled \ + -Ddriver_ch=disabled \ -Ddriver_esx=disabled \ -Ddriver_hyperv=disabled \ -Ddriver_interface=enabled \ -- 2.30.2