[ubuntu/wily-updates] libvirt 1.2.16-2ubuntu11.15.10.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Jan 12 18:58:25 UTC 2016
libvirt (1.2.16-2ubuntu11.15.10.2) wily-security; urgency=medium
* SECURITY UPDATE: denial of service via NFS pool volume creation failure
- debian/patches/CVE-2015-5247.patch: correct the mode check in
src/storage/storage_backend.c, handle failure from refreshVol in
src/storage/storage_driver.c, introduce virFileUnlink in
src/libvirt_private.syms, src/storage/storage_backend_fs.c,
src/util/virfile.c, src/util/virfile.h.
- CVE-2015-5247
* SECURITY UPDATE: ACL bypass using storage pool directory traversal
- debian/patches/CVE-2015-5313.patch: filter filesystem volume names in
src/storage/storage_backend_fs.c.
- CVE-2015-5313
Date: 2016-01-08 16:01:14.113620+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libvirt/1.2.16-2ubuntu11.15.10.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Wily-changes
mailing list