[ubuntu/cosmic-security] libvirt 4.6.0-2ubuntu3.8 (Accepted)

Mon Jul 8 11:26:47 UTC 2019

libvirt (4.6.0-2ubuntu3.8) cosmic-security; urgency=medium

  * SECURITY UPDATE: virDomainSaveImageGetXMLDesc does not check for
    read-only connection
    - debian/patches/CVE-2019-10161.patch: add check to
      src/libvirt-domain.c, src/qemu/qemu_driver.c,
      src/remote/remote_protocol.x.
    - CVE-2019-10161
  * SECURITY UPDATE: virDomainManagedSaveDefineXML does not check for
    read-only connection
    - debian/patches/CVE-2019-10166.patch: add check to
      src/libvirt-domain.c.
    - CVE-2019-10166
  * SECURITY UPDATE: virConnectGetDomainCapabilities does not check for
    read-only connection
    - debian/patches/CVE-2019-10167.patch: add check to
      src/libvirt-domain.c.
    - CVE-2019-10167
  * SECURITY UPDATE: virConnect*HypervisorCPU do not check for read-only
    connection
    - debian/patches/CVE-2019-10168.patch: add checks to
      src/libvirt-host.c.
    - CVE-2019-10168

Date: 2019-07-02 14:03:20.155158+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libvirt/4.6.0-2ubuntu3.8
-------------- next part --------------
Sorry, changesfile not available.