CVE request -- vdsm: certificate generation upon node creation

[Petr Matousek <pmatouse () redhat com>]

When new node image is being created, vdsm.rpm is added to the node
image and self-signed key (and certificate) is created. This key/cert
allows vdsm to start and serve requests from anyone who has a matching
key/cert which could be anybody holding the node image.

Upstream fix:
http://gerrit.ovirt.org/#/c/8368/

Acknowledgements:

This issue was discovered by Dan Kenigsberg of Red Hat.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=875367

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team