oVirt Node 4.5.0.1 Async update
On April 26th 2022 the oVirt project released an async update of oVirt Node (4.5.0.1) delivering important impact security fixes, several bug fixes and enhancements.
The update is already available on resources.ovirt.org and should land on oVirt mirrors within 24 hours.
Security fixes included in oVirt Node NG 4.5.0 Async1 compared to latest oVirt 4.5.0 GA:
CVE-2022-1015 - important - kernel: arbitrary code execution in linux/net/netfilter/nf_tables_api.c
CVE-2022-0435 - important - kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
CVE-2022-25636 - important - kernel: heap out of bounds write in nf_dup_netdev.c
CVE-2021-4028 - important - kernel: use-after-free in RDMA listen()
CVE-2022-1016 - moderate - kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
oVirt Node has been updated, including:
Ansible Core 2.12.3: https://github.com/ansible/ansible/blob/stable-2.12/changelogs/CHANGELOG-v2.12.rst#v2123
CentOS Stream 8 latest updates
Full list of changes compared to oVirt Node 4.5.0 GA:
4.5.0 GA 4.5.0 Async #1
ansible-core 2.12.2-2.el8 2.12.3-1.el8
binutils 2.30-113.el8 2.30-114.el8
fribidi 1.0.4-8.el8 1.0.4-9.el8
ipa-client 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574
ipa-client-common 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574
ipa-common 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574
ipa-selinux 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574
ipxe-roms-qemu 20181214-8.git133f4c47.el8 20181214-9.git133f4c47.el8
kernel 4.18.0-373.el8 4.18.0-383.el8
kernel-core 4.18.0-373.el8 4.18.0-383.el8
kernel-modules 4.18.0-373.el8 4.18.0-383.el8
kernel-tools 4.18.0-373.el8 4.18.0-383.el8
kernel-tools-libs 4.18.0-373.el8 4.18.0-383.el8
krb5-libs 1.18.2-14.el8 1.18.2-17.el8
krb5-workstation 1.18.2-14.el8 1.18.2-17.el8
libestr 0.1.10-1.el8 0.1.10-3.el8
libkadm5 1.18.2-14.el8 1.18.2-17.el8
nmstate 1.2.1-1.el8 1.3.0-0.alpha.20220407.el8
nmstate-plugin-ovsdb 1.2.1-1.el8 1.3.0-0.alpha.20220407.el8
openvswitch2.15 2.15.0-81.el8s 2.15.0-88.el8s
openvswitch2.15-ipsec 2.15.0-81.el8s 2.15.0-88.el8s
ovirt-node-ng-image-update-placeholder 4.5.0-4.el8 4.5.0.1-1.el8
ovirt-release-host-node 4.5.0-4.el8 4.5.0.1-1.el8
python3-ipaclient 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574
python3-ipalib 4.9.8-2.module_el8.6.0+1054+cdb51b28 4.9.8-6.module_el8.6.0+1104+ba556574
python3-libnmstate 1.2.1-1.el8 1.3.0-0.alpha.20220407.el8
python3-openvswitch2.15 2.15.0-81.el8s 2.15.0-88.el8s
python3-perf 4.18.0-373.el8 4.18.0-383.el8
python3-sanlock 3.8.4-1.el8 3.8.4-3.el8
rsyslog 8.2102.0-7.el8 8.2102.0-9.el8
rsyslog-elasticsearch 8.2102.0-7.el8 8.2102.0-9.el8
rsyslog-mmjsonparse 8.2102.0-7.el8 8.2102.0-9.el8
rsyslog-mmnormalize 8.2102.0-7.el8 8.2102.0-9.el8
rsyslog-openssl 8.2102.0-7.el8 8.2102.0-9.el8
sanlock 3.8.4-1.el8 3.8.4-3.el8
sanlock-lib 3.8.4-1.el8 3.8.4-3.el8
virt-install 3.2.0-3.el8 3.2.0-4.el8
virt-manager-common 3.2.0-3.el8 3.2.0-4.el8
virt-what 1.18-13.el8 1.18-14.el8
Additional resources:
Read more about the oVirt 4.5.0 release highlights: https://www.ovirt.org/release/4.5.0/
Get more oVirt project updates on Twitter: https://twitter.com/ovirt
Check out the latest project news on the oVirt blog: https://blogs.ovirt.org/
Sandro Bonazzola
MANAGER, SOFTWARE ENGINEERING, EMEA R&D RHV