[ubuntu/quantal-security] libvirt 0.9.13-0ubuntu12.5 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Sep 18 13:33:37 UTC 2013


libvirt (0.9.13-0ubuntu12.5) quantal-security; urgency=low

  * SECURITY UPDATE: possible privilege escalation via pkcheck race.
    - debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in
      configure.ac, daemon/remote.c, src/Makefile.am,
      src/rpc/virnetserverclient.*, src/rpc/virnetsocket.c*,
      src/util/virprocess.*, src/util/virstring.*.
    - debian/rules: use autoreconf.mk.
    - debian/control: specify version of policykit-1 security update, add
      libpolkit-gobject-1-dev, dh-autoreconf and autopoint to Build-Depends
    - CVE-2013-4311
  * SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats
    - debian/patches/CVE-2013-4296.patch: properly initialize stats in
      daemon/remote.c.
    - CVE-2013-4296

libvirt (0.9.13-0ubuntu12.3) quantal-proposed; urgency=low

  * put libvirt-bin dnsmasq file into /etc/dnsmasq.d-available, and
    create a symlink in /etc/dnsmasq.d, to avoid problems when removing
    and re-installing libvirt-bin.  (LP: #1113821)
  * Add code to postinst to fix any double-migration of /etc/dnsmasq.
    (LP: #1157332)
  * debian/libvirt-bin.{dirs,install}: install dnsmasq.d-available/libvirt-bin

Date: 2013-09-14 02:41:20.270514+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/quantal/+source/libvirt/0.9.13-0ubuntu12.5
-------------- next part --------------
Sorry, changesfile not available.


More information about the Quantal-changes mailing list