[ubuntu/precise-security] libvirt 0.9.8-2ubuntu17.13 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Sep 18 13:33:36 UTC 2013 

libvirt (0.9.8-2ubuntu17.13) precise-security; urgency=low

  * SECURITY UPDATE: possible privilege escalation via pkcheck race.
    - debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in
      configure.ac, daemon/remote.c, src/Makefile.am,
      src/rpc/virnetserverclient.*, src/rpc/virnetsocket.c*,
      src/util/virprocess.*, src/util/virstring.*.
    - debian/patches/CVE-2013-4311-autotools.patch: autotools changes.
    - debian/control: specify version of policykit-1 security update, add
      libpolkit-gobject-1-dev to Build-Depends.
    - CVE-2013-4311
  * SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats
    - debian/patches/CVE-2013-4296.patch: properly initialize stats in
      daemon/remote.c.
    - CVE-2013-4296

libvirt (0.9.8-2ubuntu17.10) precise-proposed; urgency=low

  * debian/libvirt-bin.{dirs,install}: install dnsmasq.d-available/libvirt-bin
    (LP: #1113821)

libvirt (0.9.8-2ubuntu17.9) precise-proposed; urgency=low

  * put libvirt-bin dnsmasq file into /etc/dnsmasq.d-available, and
    create a symlink in /etc/dnsmasq.d, to avoid problems when removing
    and re-installing libvirt-bin.  (LP: #1113821)

libvirt (0.9.8-2ubuntu17.8) precise-proposed; urgency=low

  [ Adam Conrad ]
  * libvirt-bin.postinst: also put admin group members into the libvirtd
    group, to support systems installed before precise.  (LP: #1124127)
  * libvirt-bin.postinst: use getent group instead of grep /etc/group

  [ Serge Hallyn ]
  * Update README.Debian:
    - we use libvirtd, not libvirt group (LP: #1095140)
    - we add users from sudo, not admin group, to libvirtd.
  * Handle two usb devices with same vendor/id (LP: #1082213)
    - ubuntu/qemu-Keep-list-of-USB-devices-attached-to-domains
    - ubuntu/usb-create-functions-to-search-usb-device
    - ubuntu/qemu-call-usb-search-function-for-hostdev

  [ Andres Lagar-Cavilla ]
  * Add RESUME event listener to qemu monitor (LP: #1097824)
    - ubuntu/handle_resume.patch

  [ Kirill Zaborsky ]
  * Add proper handling for EINTR signal (LP: #1092826)
    - ubuntu/fix-poll.patch

Date: 2013-09-13 18:38:13.324689+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/precise/+source/libvirt/0.9.8-2ubuntu17.13
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list