[ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Yaniv Kaul ykaul at redhat.com
Thu Jan 4 16:21:44 UTC 2018


On Thu, Jan 4, 2018 at 12:31 PM, Barak Korren <bkorren at redhat.com> wrote:

> On 4 January 2018 at 09:24, Marcel Hanke <marcel.hanke at 1und1.de> wrote:
> > Hi,
> > besides the kernel and microcode updates are there also updates of ovirt-
> > engine and vdsm nessessary and if so, is there a timeline when the
> patches can
> > be expected?
> > If there are Patches nessessary will there also be updates for ovirt 4.1
> or
> > only 4.2?
>
> Looking at the relevant Red Hat announcement:
> https://access.redhat.com/security/vulnerabilities/speculativeexecution
>
> It seems that no packages that are derived directly from oVirt were
> updated.
> You can see qemu-kvm-rhev there, which is quemu-kvm-ev in CentOS -
> that used to be distributed by oVirt, but these days its is shipped as
> part of the CentOS VirtSIG repo.
>
> AFAIK none of those components were released on CentOS yet, so if
> you're running oVirt on CentOS you'll need to wait.
>

CentOS kernel, microcode_ctl and linux-firmware have been released.
See [1] for example. I'm sure others will follow.
Y.

[1]
https://lists.centos.org/pipermail/centos-announce/2018-January/022696.html


>
> I suppose oVirt packages and install scripts will be updated over the
> next few days to require the newer packages, but you do not need to
> wait for those updates to patch your systems, you can probably patch
> as soon as the updates are made available.
>
> Once updates are available, a new node and engine-apppliance images
> will probably also be built and released.
>
> Please note that the above as mostly a rough estimate based on my
> familiarity with the processes involved, I am not directly affiliated
> with any of the teams handling the response to these CVEs.
>
> --
> Barak Korren
> RHV DevOps team , RHCE, RHCi
> Red Hat EMEA
> redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180104/818c6210/attachment.html>


More information about the Users mailing list