[ubuntu/wily-security] libvirt 1.2.16-2ubuntu11.15.10.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Jan 12 17:41:01 UTC 2016

libvirt (1.2.16-2ubuntu11.15.10.2) wily-security; urgency=medium

  * SECURITY UPDATE: denial of service via NFS pool volume creation failure
    - debian/patches/CVE-2015-5247.patch: correct the mode check in
      src/storage/storage_backend.c, handle failure from refreshVol in
      src/storage/storage_driver.c, introduce virFileUnlink in
      src/libvirt_private.syms, src/storage/storage_backend_fs.c,
      src/util/virfile.c, src/util/virfile.h.
    - CVE-2015-5247
  * SECURITY UPDATE: ACL bypass using storage pool directory traversal
    - debian/patches/CVE-2015-5313.patch: filter filesystem volume names in
    - CVE-2015-5313

Date: 2016-01-08 16:01:14.113620+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Wily-changes mailing list