Important: Red Hat Virtualization security and bug fix update
Security Advisory: Important
Identify and remediate systems affected by this advisory.
An update is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, and Red Hat Virtualization Engine 4.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.
The following packages have been upgraded to a later upstream version: ovirt-dependencies (4.5.3), ovirt-engine (4.5.3.8), vdsm (4.50.3.8). (BZ#2180717)
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
In this release, the check has been fixed in the Manager, and such hosts work properly. (BZ#2184623)
As a result, a Null Pointer Exception is thrown in the Administration Portal > Compute > Hosts > Network Interfaces tab.
With this release, null values are accepted, and there are no exceptions displayed in the Network Interfaces tab. (BZ#2180230)
In this release, RAW sparse volumes are extended as expected. (BZ#2210036)
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to: