[ol8_appstream] libvirt-daemon-config-network-4.5.0-24.3.0.1.module+el8.0.0+5339+ebcc8ca7.x86_64

Default configuration files for setting up NAT based networking

Changelog (Show File list) (Show related packages)

• Thu Sep 12 2019 Edward Leung <edward.leung@oracle.com> - 4.5.0-24.3.0.1

  - added librbd1 as dependency (Keshav Sharma)

• Sun Jun 30 2019 Danilo de Paula <ddepaula@redhat.com> - 4.5.0-24.3

  - Rebuild all virt packages to fix RHEL's upgrade path
  - Resolves: rhbz#1696354
    (Ensure modular RPM upgrade path [ZStream Clone] [rhel-8.0.0.z])

• Tue Jun 18 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23.3.el8

  - api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)
  - api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)
  - api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)
  - api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)

• Thu May 16 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23.2.el8

  - admin: reject clients unless their UID matches the current UID (CVE-2019-10132)
  - locking: restrict sockets to mode 0600 (CVE-2019-10132)
  - logging: restrict sockets to mode 0600 (CVE-2019-10132)

• Mon May 06 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23.1.el8

  - cpu_x86: Do not cache microcode version (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
  - qemu: Don't cache microcode version (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
  - cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
  - cpu_map: Define md-clear CPUID bit (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)

• Fri Feb 15 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23

  - network: explicitly allow icmp/icmpv6 in libvirt zonefile (rhbz#1650320)

• Fri Feb 15 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-22

  - util: fix memory leak in virFirewallDInterfaceSetZone() (rhbz#1650320)

• Fri Feb 08 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-21

  - docs: Drop /dev/net/tun from the list of shared devices (rhbz#1665400)
  - qemu: conf: Remove /dev/sev from the default cgroup device acl list (rhbz#1665400)
  - qemu: cgroup: Expose /dev/sev/ only to domains that require SEV (rhbz#1665400)
  - qemu: domain: Add /dev/sev into the domain mount namespace selectively (rhbz#1665400)
  - security: dac: Relabel /dev/sev in the namespace (rhbz#1665400)
  - qemu: caps: Use CAP_DAC_OVERRIDE for probing to avoid permission issues (rhbz#1665400)
  - qemu: caps: Don't try to ask for CAP_DAC_OVERRIDE if non-root (rhbz#1665400)
  - Revert "RHEL: Require firewalld-filesystem for firewalld rpm macros" (rhbz#1650320)
  - Revert "RHEL: network: regain guest network connectivity after firewalld switch to nftables" (rhbz#1650320)
  - configure: change HAVE_FIREWALLD to WITH_FIREWALLD (rhbz#1650320)
  - util: move all firewalld-specific stuff into its own files (rhbz#1650320)
  - util: new virFirewallD APIs + docs (rhbz#1650320)
  - configure: selectively install a firewalld 'libvirt' zone (rhbz#1650320)
  - network: set firewalld zone of bridges to "libvirt" zone when appropriate (rhbz#1650320)
  - network: allow configuring firewalld zone for virtual network bridge device (rhbz#1650320)
  - util: remove test code accidentally committed to virFirewallDZoneExists (rhbz#1650320)
  - qemu: command: Don't skip 'readonly' and throttling info for empty drive (rhbz#1670337)

• Mon Jan 28 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-20

  - RHEL: qemu: Fix crash trying to use iSCSI hostdev (rhbz#1669424)

• Thu Jan 24 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-19

  - qemu: Fix logic error in qemuSetUnprivSGIO (rhbz#1666605)
  - tests: qemuxml2argv: Add test case for empty CDROM with cache mode (rhbz#1553255)
  - qemu: command: Don't format image properties for empty -drive (rhbz#1553255)