First published: Thu Sep 08 2022(Updated: )
The ovirt-host package consolidates host package requirements into a single meta package.<br>Security Fix(es):<br><li> moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> The hosted-engine-ha binaries have been moved from /usr/share to /usr/libexec. As a result, the hosted-engine --clean-metadata command fails. With this release, you must use the new path for the command to succeed: /usr/libexec/ovirt-hosted-engine-ha/ovirt-ha-agent (BZ#2105781)</li> <li> A new warning has been added to the vdsm-tool to protect users from using the unsupported user_friendly_names multipath configuration. The following is an example of the output:</li> $ vdsm-tool is-configured --module multipath<br>WARNING: Invalid configuration: 'user_friendly_names' is enabled in multipath configuration:<br> section1 {<br> key1 value1<br> user_friendly_names yes<br> key2 value2<br> }<br> section2 {<br> user_friendly_names yes<br> }<br>This configuration is not supported and may lead to storage domain corruption. (BZ#1793207)
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/cockpit-ovirt | <0.16.2-1.el8e | 0.16.2-1.el8e |
redhat/mom | <0.6.3-1.el8e | 0.6.3-1.el8e |
redhat/ovirt-host | <4.5.0-3.1.el8e | 4.5.0-3.1.el8e |
redhat/ovirt-hosted-engine-setup | <2.6.5-1.1.el8e | 2.6.5-1.1.el8e |
redhat/vdsm | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/cockpit-ovirt-dashboard | <0.16.2-1.el8e | 0.16.2-1.el8e |
redhat/ovirt-host-dependencies | <4.5.0-3.1.el8e | 4.5.0-3.1.el8e |
redhat/vdsm-api | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-client | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-common | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-gluster | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-checkips | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-cpuflags | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-ethtool-options | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-extra-ipv4-addrs | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-fcoe | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-localdisk | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-nestedvt | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-openstacknet | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-hook-vhostmd | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-http | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-jsonrpc | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-network | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-python | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
redhat/vdsm-yajsonrpc | <4.50.2.2-1.el8e | 4.50.2.2-1.el8e |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.