Issued:: 2018-05-15
Updated:: 2018-05-15

RHSA-2018:1524 - Important: redhat-virtualization-host bug fix and enhancement update

Synopsis

Important: redhat-virtualization-host bug fix and enhancement update

Type/Severity

Security Advisory Important

Topic

Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now available.

Description

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.

Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897.

A list of bugs fixed in this update is available in the Technical Notes book: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/html/technical_notes/

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2974891

Affected Products

Product	Version	Arch
Red Hat Virtualization	4	x86_64
Red Hat Virtualization Host	4	x86_64

Updated Packages

redhat-virtualization-host-4.2-20180508.0.el7_5.src.rpm
redhat-virtualization-host-image-update-4.2-20180508.0.el7_5.noarch.rpm
imgbased-1.0.16-0.1.el7ev.noarch.rpm
ovirt-node-ng-nodectl-4.2.0-0.20170814.0.el7.noarch.rpm
redhat-virtualization-host-image-update-placeholder-4.2-3.0.el7.noarch.rpm
python-imgbased-1.0.16-0.1.el7ev.noarch.rpm
imgbased-1.0.16-0.1.el7ev.src.rpm
ovirt-node-ng-4.2.0-0.20170814.0.el7.src.rpm
redhat-release-virtualization-host-4.2-3.0.el7.src.rpm
redhat-release-virtualization-host-4.2-3.0.el7.x86_64.rpm

Fixes

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.