Package "libvirt-doc"
Name: |
libvirt-doc
|
Description: |
documentation for the libvirt library
|
Latest version: |
1.2.2-0ubuntu13.1.28 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Head package: |
libvirt |
Homepage: |
http://libvirt.org |
Links
Download "libvirt-doc"
Other versions of "libvirt-doc" in Trusty
Changelog
libvirt (1.2.2-0ubuntu13.1.7) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via virConnectListAllDomains
- debian/patches/CVE-2014-3633.patch: fix domain deadlock in
src/conf/domain_conf.c.
- CVE-2014-3633
* SECURITY UPDATE: xml information leak with read-only connections
- debian/patches/CVE-2014-7823.patch: check for migratable flag in
src/libvirt.c, src/remote/remote_protocol.x.
- CVE-2014-3657
-- Marc Deslauriers <email address hidden> Mon, 10 Nov 2014 19:48:54 -0500
|
Source diff to previous version |
CVE-2014-3633 |
qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index |
CVE-2014-7823 |
dumpxml: information leak with migratable flag |
CVE-2014-3657 |
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remo |
|
libvirt (1.2.2-0ubuntu13.1.5) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible information disclosure
via crafted XML document
- debian/patches/CVE-2014-0179.patch: don't expand entities when
parsing XML in src/util/virxml.c.
- CVE-2014-0179
- CVE-2014-5177
* SECURITY UPDATE: denial of service or information disclosure via
virDomainGetBlockIoTune
- debian/patches/CVE-2014-3633.patch: use correct definition when
looking up disk in src/qemu/qemu_driver.c.
- CVE-2014-3633
-- Marc Deslauriers <email address hidden> Mon, 29 Sep 2014 15:27:53 -0400
|
CVE-2014-0179 |
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing |
CVE-2014-5177 |
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML d |
CVE-2014-3633 |
qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index |
|
About
-
Send Feedback to @ubuntu_updates