Re: [CentOS-virt] qemu-kvm-ev: usb: out-of-bounds r/w(CVE-2020-14364)

2021-03-28 Thread rj...@vip.qq.com 
I have  reported on bugzilla, link: 
https://bugzilla.redhat.com/show_bug.cgi?id=1943399; But this seems to only 
support ovirt.
Then,opened an issue on CentOS community;link: 
https://bugs.centos.org/view.php?id=18131; 
Thanks.




jasonrao
 
From: centos-virt-request
Date: 2021-03-16 20:00
To: centos-virt
Subject: CentOS-virt Digest, Vol 159, Issue 2
Send CentOS-virt mailing list submissions to
centos-virt@centos.org
 
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-virt
or, via email, send a message with subject or body 'help' to
centos-virt-requ...@centos.org
 
You can reach the person managing the list at
centos-virt-ow...@centos.org
 
When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-virt digest..."
 
 
Today's Topics:
 
   1. Re: qemu-kvm-ev: usb: out-of-bounds r/w(CVE-2020-14364)
  (Sandro Bonazzola)
   2. Unable to Login to AWS AMI With SSH Key - aarch64 (David Lemcoe)
   3. Re: Unable to Login to AWS AMI With SSH Key - aarch64
  (David Lemcoe)
 
 
--
 
Message: 1
Date: Mon, 15 Mar 2021 17:30:44 +0100
From: Sandro Bonazzola 
To: Discussion about the virtualization on CentOS

Subject: Re: [CentOS-virt] qemu-kvm-ev: usb: out-of-bounds
r/w(CVE-2020-14364)
Message-ID:

Content-Type: text/plain; charset="utf-8"
 
Il giorno mer 3 mar 2021 alle ore 09:56 rj...@vip.qq.com 
ha scritto:
 
> Hello
> I saw that qemu-kvm-rhev has fixed the issue, but  CentOS
> community hasn't updated the repaired version of qemu-kvm-ev;
> will it be fixed in the future?
>
 
Can you please open a BZ on
https://bugzilla.redhat.com/enter_bug.cgi?product=ovirt-distribution=qemu-kvm-ev
?
Thanks
 
 
 
> thanks
> ___
> CentOS-virt mailing list
> CentOS-virt@centos.org
> https://lists.centos.org/mailman/listinfo/centos-virt
>
 
 
-- 
 
Sandro Bonazzola
 
MANAGER, SOFTWARE ENGINEERING, EMEA R RHV
 
Red Hat EMEA <https://www.redhat.com/>
 
sbona...@redhat.com
<https://www.redhat.com/>
 
*Red Hat respects your work life balance. Therefore there is no need to
answer this email out of your office hours.*
-- next part --
An HTML attachment was scrubbed...
URL: 
<http://lists.centos.org/pipermail/centos-virt/attachments/20210315/52e2ec49/attachment-0001.html>
 
--
 
Message: 2
Date: Mon, 15 Mar 2021 12:36:42 -0400
From: David Lemcoe 
To: centos-virt@centos.org
Subject: [CentOS-virt] Unable to Login to AWS AMI With SSH Key -
aarch64
Message-ID: <12d7b36c-db26-41d6-be8f-779153eca...@delcoe.com>
Content-Type: text/plain; charset="us-ascii"
 
When launching CentOS Stream for aarch64 in us-east-1 using the 
CentOS-sponsored AMI (ami-0a311be1169cd6581, found at 
https://wiki.centos.org/Cloud/AWS <https://wiki.centos.org/Cloud/AWS>) I am 
able to launch the EC2 instance using a Gravitron2 processor, as expected. 
However, when attempting to login to that instance, I get a password prompt for 
the ec2-user, centos, and root users. 
 
This behavior is not expected, because on the x86_64 AMIs the centos user is 
configured to use the SSH key selected in the AWS EC2 Launch Wizard, and a SSH 
login password is not required. 
 
In the aarch64 AMI, the centos and root usernames all prompt for password, and 
never seem to consider the provided SSH key.
 
This is the SSH command that I am using:
 
ssh -i ssh_key_selected_at_launch.pem centos@
 
This command results in a password prompt.
 
What is the process for connecting to the CentOS Stream AMI spun for aarch64?
 
Thank you!
 
David Lemcoe Jr.
 
-- next part --
An HTML attachment was scrubbed...
URL: 
<http://lists.centos.org/pipermail/centos-virt/attachments/20210315/1237a0c6/attachment-0001.html>
-- next part --
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1481 bytes
Desc: not available
URL: 
<http://lists.centos.org/pipermail/centos-virt/attachments/20210315/1237a0c6/attachment-0001.p7s>
 
--
 
Message: 3
Date: Mon, 15 Mar 2021 12:46:49 -0400
From: David Lemcoe 
To: centos-virt@centos.org
Subject: Re: [CentOS-virt] Unable to Login to AWS AMI With SSH Key -
aarch64
Message-ID: 
Content-Type: text/plain; charset="utf-8"
 
I have resolved my ?issue.? It would appear that CentOS 8 Stream for aarch64 
does not support `t4g.nano` instance sizes. Once I moved to t4g.small, my SSH 
login worked as expected.
 
Sorry to bother!
-- next part --
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1481 bytes
Desc: not available
URL: 
<http://lists.centos.org/pipermail/ce

Re: [CentOS-virt] qemu-kvm-ev: usb: out-of-bounds r/w(CVE-2020-14364)

2021-03-15 Thread Sandro Bonazzola 
Il giorno mer 3 mar 2021 alle ore 09:56 rj...@vip.qq.com 
ha scritto:

> Hello
> I saw that qemu-kvm-rhev has fixed the issue, but  CentOS
> community hasn't updated the repaired version of qemu-kvm-ev;
> will it be fixed in the future?
>

Can you please open a BZ on
https://bugzilla.redhat.com/enter_bug.cgi?product=ovirt-distribution=qemu-kvm-ev
 ?
Thanks



> thanks
> ___
> CentOS-virt mailing list
> CentOS-virt@centos.org
> https://lists.centos.org/mailman/listinfo/centos-virt
>


-- 

Sandro Bonazzola

MANAGER, SOFTWARE ENGINEERING, EMEA R RHV

Red Hat EMEA 

sbona...@redhat.com


*Red Hat respects your work life balance. Therefore there is no need to
answer this email out of your office hours.*
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS-virt] qemu-kvm-ev: usb: out-of-bounds r/w(CVE-2020-14364)

2021-03-03 Thread rj...@vip.qq.com 
Hello
I saw that qemu-kvm-rhev has fixed the issue, but  CentOS community 
hasn't updated the repaired version of qemu-kvm-ev;
will it be fixed in the future?
thanks
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt