[ubuntu/raring-security] libvirt 1.0.2-0ubuntu11.13.04.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Sep 18 13:33:38 UTC 2013
libvirt (1.0.2-0ubuntu11.13.04.4) raring-security; urgency=low
* SECURITY UPDATE: possible privilege escalation via pkcheck race.
- debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in
configure.ac, daemon/remote.c, src/locking/lock_daemon.c,
src/rpc/virnetserverclient.*, src/rpc/virnetsocket.*,
src/util/virprocess.*, src/util/virstring.*.
- debian/rules: use DEB_AUTO_UPDATE_AUTOCONF and
DEB_AUTO_UPDATE_AUTOHEADER.
- debian/control: specify version of policykit-1 security update, add
libpolkit-gobject-1-dev to Build-Depends.
- CVE-2013-4311
* SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats
- debian/patches/CVE-2013-4296.patch: properly initialize stats in
daemon/remote.c.
- CVE-2013-4296
* SECURITY UPDATE: denial of service via bitmap string out of bounds
- debian/patches/CVE-2013-5651.patch: replace virBitmapIsSet usage in
src/util/virbitmap.c, properly handle errors in
- CVE-2013-5651
Date: 2013-09-13 18:19:14.129350+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/raring/+source/libvirt/1.0.2-0ubuntu11.13.04.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Raring-changes
mailing list