[ubuntu/trusty-security] libvirt 1.2.2-0ubuntu13.1.7 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Nov 11 16:25:59 UTC 2014


libvirt (1.2.2-0ubuntu13.1.7) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via virConnectListAllDomains
    - debian/patches/CVE-2014-3633.patch: fix domain deadlock in
      src/conf/domain_conf.c.
    - CVE-2014-3633
  * SECURITY UPDATE: xml information leak with read-only connections
    - debian/patches/CVE-2014-7823.patch: check for migratable flag in
      src/libvirt.c, src/remote/remote_protocol.x.
    - CVE-2014-3657

libvirt (1.2.2-0ubuntu13.1.6) trusty-proposed; urgency=medium

  * 9029-ovs-delete-port-if-it-exists-when-adding-new-one:  cherrypick commit
    33445ce from upstream (LP: #1343262)
  * fix migration failure with ssh password authentication (LP: #1365947)
    - 9030-virsh-add-keepalive-in-new-vshconnect-fn
    - 9031-cmdmigrate-move-vshconnect-before-vshwatchjob
    - 9032-virsh-initialize-vsh-data-in-cmdmigrate
  * libvirt-bin.postinst: check for confiles whichhave been removed rather
    than fail package install (LP: #1375910)
  * Support incoming migration from 12.04 hosts (LP: #1374622)
    - debian/patches/support-incoming-qemu-kvm: add a flag to
      /etc/libvirt/qemu.conf to specify whether pc-1.0 came from a 12.04 host
    - Add a note in README.Debian.

Date: 2014-11-11 14:18:38.328115+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libvirt/1.2.2-0ubuntu13.1.7
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list