oVirt Node 4.5.0.1 Async update On April 26th 2022 the oVirt project released an async update of oVirt Node (4.5.0.1) delivering important impact security fixes, several bug fixes and enhancements. The update is already available on resources.ovirt.org and should land on oVirt mirrors within 24 hours. Security fixes included in oVirt Node NG 4.5.0 Async1 compared to latest oVirt 4.5.0 GA: - CVE-2022-1015 <https://bugzilla.redhat.com/show_bug.cgi?id=2065323> - important - kernel: arbitrary code execution in linux/net/netfilter/nf_tables_api.c - CVE-2022-0435 <https://bugzilla.redhat.com/show_bug.cgi?id=2048738> - important - kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS - CVE-2022-25636 <https://bugzilla.redhat.com/show_bug.cgi?id=2056830> - important - kernel: heap out of bounds write in nf_dup_netdev.c - CVE-2021-4028 <https://bugzilla.redhat.com/show_bug.cgi?id=2027201> - important - kernel: use-after-free in RDMA listen() - CVE-2022-1016 <https://bugzilla.redhat.com/show_bug.cgi?id=2066614> - moderate - kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM oVirt Node has been updated, including: - Ansible Core 2.12.3: https://github.com/ansible/ansible/blob/stable-2.12/changelogs/CHANGELOG-... - CentOS Stream 8 latest updates - Full list of changes compared to oVirt Node 4.5.0 GA: 4.5.0 GA 4.5.0 Async #1 ansible-core 2.12.2-2.el8 2.12.3-1.el8 binutils 2.30-113.el8 2.30-114.el8 fribidi 1.0.4-8.el8 1.0.4-9.el8 ipa-client 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574 ipa-client-common 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574 ipa-common 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574 ipa-selinux 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574 ipxe-roms-qemu 20181214-8.git133f4c47.el8 20181214-9.git133f4c47.el8 kernel 4.18.0-373.el8 4.18.0-383.el8 kernel-core 4.18.0-373.el8 4.18.0-383.el8 kernel-modules 4.18.0-373.el8 4.18.0-383.el8 kernel-tools 4.18.0-373.el8 4.18.0-383.el8 kernel-tools-libs 4.18.0-373.el8 4.18.0-383.el8 krb5-libs 1.18.2-14.el8 1.18.2-17.el8 krb5-workstation 1.18.2-14.el8 1.18.2-17.el8 libestr 0.1.10-1.el8 0.1.10-3.el8 libkadm5 1.18.2-14.el8 1.18.2-17.el8 nmstate 1.2.1-1.el8 1.3.0-0.alpha.20220407.el8 nmstate-plugin-ovsdb 1.2.1-1.el8 1.3.0-0.alpha.20220407.el8 openvswitch2.15 2.15.0-81.el8s 2.15.0-88.el8s openvswitch2.15-ipsec 2.15.0-81.el8s 2.15.0-88.el8s ovirt-node-ng-image-update-placeholder 4.5.0-4.el8 4.5.0.1-1.el8 ovirt-release-host-node 4.5.0-4.el8 4.5.0.1-1.el8 python3-ipaclient 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574 python3-ipalib 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574 python3-libnmstate 1.2.1-1.el8 1.3.0-0.alpha.20220407.el8 python3-openvswitch2.15 2.15.0-81.el8s 2.15.0-88.el8s python3-perf 4.18.0-373.el8 4.18.0-383.el8 python3-sanlock 3.8.4-1.el8 3.8.4-3.el8 rsyslog 8.2102.0-7.el8 8.2102.0-9.el8 rsyslog-elasticsearch 8.2102.0-7.el8 8.2102.0-9.el8 rsyslog-mmjsonparse 8.2102.0-7.el8 8.2102.0-9.el8 rsyslog-mmnormalize 8.2102.0-7.el8 8.2102.0-9.el8 rsyslog-openssl 8.2102.0-7.el8 8.2102.0-9.el8 sanlock 3.8.4-1.el8 3.8.4-3.el8 sanlock-lib 3.8.4-1.el8 3.8.4-3.el8 virt-install 3.2.0-3.el8 3.2.0-4.el8 virt-manager-common 3.2.0-3.el8 3.2.0-4.el8 virt-what 1.18-13.el8 1.18-14.el8 Additional resources: - Read more about the oVirt 4.5.0 release highlights: https://www.ovirt.org/release/4.5.0/ - Get more oVirt project updates on Twitter: https://twitter.com/ovirt - Check out the latest project news on the oVirt blog: https://blogs.ovirt.org/ -- Sandro Bonazzola MANAGER, SOFTWARE ENGINEERING, EMEA R&D RHV Red Hat EMEA <https://www.redhat.com/> sbonazzo(a)redhat.com <https://www.redhat.com/> *Red Hat respects your work life balance. Therefore there is no need to answer this email out of your office hours.*