On 4 January 2018 at 09:24, Marcel Hanke <marcel.hanke@1und1.de> wrote:
Hi, besides the kernel and microcode updates are there also updates of ovirt- engine and vdsm nessessary and if so, is there a timeline when the patches can be expected? If there are Patches nessessary will there also be updates for ovirt 4.1 or only 4.2?
Looking at the relevant Red Hat announcement: https://access.redhat.com/security/vulnerabilities/speculativeexecution It seems that no packages that are derived directly from oVirt were updated. You can see qemu-kvm-rhev there, which is quemu-kvm-ev in CentOS - that used to be distributed by oVirt, but these days its is shipped as part of the CentOS VirtSIG repo. AFAIK none of those components were released on CentOS yet, so if you're running oVirt on CentOS you'll need to wait. I suppose oVirt packages and install scripts will be updated over the next few days to require the newer packages, but you do not need to wait for those updates to patch your systems, you can probably patch as soon as the updates are made available. Once updates are available, a new node and engine-apppliance images will probably also be built and released. Please note that the above as mostly a rough estimate based on my familiarity with the processes involved, I am not directly affiliated with any of the teams handling the response to these CVEs. -- Barak Korren RHV DevOps team , RHCE, RHCi Red Hat EMEA redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted