(RHSA-2019:1116) Important: redhat-virtualization-host security update

OVMF (Open Virtual Machine Firmware) is an EDK II (edk2) based project to enable UEFI support for Virtual Machines. The ovmf package contains a sample 64-bit UEFI firmware for QEMU and KVM, including the edk2 package.

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks.

Security Fix(es):

• edk2: Buffer Overflow in BlockIo service for RAM disk (CVE-2018-12180)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Previously, after upgrading Red Hat Virtualization Host from rhvh-4.1-0.20180425.0 to rhvh-4.2.4.3-0.20180627, the owner and group of sshd.conf were incorrectly changed from root:root to sssd:sssd. As a result, RHEL IdM accounts using sssd could not ssh into the host. The current release fixes this issue. (BZ#1608513)