(RHSA-2021:4703) Important: RHV Engine and Host Common Packages security update [ovirt-4.4.9]

The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.

The ovirt.ovirt package (previously ovirt-ansible-collection) manages all oVirt Ansible modules.

The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.

otopi is a standalone, plug-in based installation framework to be used to set up system components. The plug-in nature provides simplicity to add new installation functionality without the complexity of the state and transaction management.

Security Fix(es):

• Ansible: ansible-connection module discloses sensitive info in traceback error message (CVE-2021-3620)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• A playbook executed by Ansible Engine 2.9.25 inside a virtual machine running on Red Hat Virtualization 4.4.9 correctly detects that this is a virtual machine running on Red Hat Virtualization by using Ansible facts. (BZ#1904085)

• Red Hat Virtualization now supports Ansible-2.9.27 for internal usage. (BZ#2003671)

• Previously, upgrading from Red Hat Virtualization 4.3 failed when using an isolated network during IPv6 deployment. In this release, a forward network is used instead of an isolated network during an IPv6 deployment. As a result, upgrade from Red Hat Virtualization 4.3 using IPv6 now succeeds. (BZ#1947709)