Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
libvirt.11701
CVE-2019-3886-remote.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2019-3886-remote.patch of Package libvirt.11701
commit 9737baf530d80eff19d46a5feb130d3064d47d64 Author: Daniel P. Berrangé <berrange@redhat.com> Date: Wed Apr 3 15:00:50 2019 +0100 remote: enforce ACL write permission for getting guest time & hostname Getting the guest time and hostname both require use of guest agent commands. These must not be allowed for read-only users, so the permissions check must validate "write" permission not "read". Fixes CVE-2019-3886 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Index: libvirt-4.0.0/src/remote/remote_protocol.x =================================================================== --- libvirt-4.0.0.orig/src/remote/remote_protocol.x +++ libvirt-4.0.0/src/remote/remote_protocol.x @@ -5405,7 +5405,7 @@ enum remote_procedure { /** * @generate: both - * @acl: domain:read + * @acl: domain:write */ REMOTE_PROC_DOMAIN_GET_HOSTNAME = 277, @@ -5800,7 +5800,7 @@ enum remote_procedure { /** * @generate: none - * @acl: domain:read + * @acl: domain:write */ REMOTE_PROC_DOMAIN_GET_TIME = 337,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
