Package "libvirt-dev"
Name: |
libvirt-dev
|
Description: |
development files for the libvirt library
|
Latest version: |
0.9.8-2ubuntu17.23 |
Release: |
precise (12.04) |
Level: |
security |
Repository: |
main |
Head package: |
libvirt |
Homepage: |
http://libvirt.org |
Links
Download "libvirt-dev"
Other versions of "libvirt-dev" in Precise
Changelog
libvirt (0.9.8-2ubuntu17.23) precise-security; urgency=medium
* SECURITY UPDATE: unintended firewall port exposure
- debian/patches/CVE-2011-4600.patch: don't add iptables rules for
externally managed networks in src/network/bridge_driver.c.
- CVE-2011-4600
-- Marc Deslauriers Fri, 08 Jan 2016 10:00:16 -0500
|
Source diff to previous version |
libvirt (0.9.8-2ubuntu17.20) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted XML document
- debian/patches/CVE-2014-0179.patch: don't expand entities when
parsing XML in src/util/xml.c.
- CVE-2014-0179
* SECURITY UPDATE: denial of service or information disclosure via
virDomainGetBlockIoTune
- debian/patches/CVE-2014-3633.patch: use correct definition when
looking up disk in src/qemu/qemu_driver.c.
- CVE-2014-3633
-- Marc Deslauriers <email address hidden> Mon, 29 Sep 2014 15:47:47 -0400
|
Source diff to previous version |
CVE-2014-0179 |
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing |
CVE-2014-3633 |
qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index |
|
libvirt (0.9.8-2ubuntu17.17) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via job usage issues in several APIs
- debian/patches/CVE-2013-6458.patch: fix races in
src/qemu/qemu_driver.c. Backport virReportError macro to cfg.mk,
src/util/virterror_internal.h.
- CVE-2013-6458
* SECURITY UPDATE: denial of service via keepalive feature
- debian/patches/CVE-2014-1447.patch: make sure connection isn't closed
in src/rpc/virnetserverclient.c.
- CVE-2014-1447
-- Marc Deslauriers <email address hidden> Mon, 20 Jan 2014 15:15:03 -0500
|
Source diff to previous version |
CVE-2013-6458 |
Multiple race conditions in the (1) virDomainBlockStats, (2) ... |
CVE-2014-1447 |
Race condition in the virNetServerClientStartKeepAlive function in ... |
|
libvirt (0.9.8-2ubuntu17.13) precise-security; urgency=low
* SECURITY UPDATE: possible privilege escalation via pkcheck race.
- debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in
configure.ac, daemon/remote.c, src/Makefile.am,
src/rpc/virnetserverclient.*, src/rpc/virnetsocket.c*,
src/util/virprocess.*, src/util/virstring.*.
- debian/patches/CVE-2013-4311-autotools.patch: autotools changes.
- debian/control: specify version of policykit-1 security update, add
libpolkit-gobject-1-dev to Build-Depends.
- CVE-2013-4311
* SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats
- debian/patches/CVE-2013-4296.patch: properly initialize stats in
daemon/remote.c.
- CVE-2013-4296
-- Marc Deslauriers <email address hidden> Fri, 13 Sep 2013 14:20:26 -0400
|
Source diff to previous version |
|
libvirt (0.9.8-2ubuntu17.7) precise-security; urgency=low
* SECURITY UPDATE: denial of service via invalid RPC call
- debian/patches/CVE-2012-4423.patch: properly check func in
src/rpc/virnetserverprogram.c.
- CVE-2012-4423
* SECURITY UPDATE: denial of service and possible code execution via
uninitialized pointer
- debian/patches/CVE-2013-0170.patch: remove message from queue before
freeing in src/rpc/virnetserverclient.c.
- CVE-2013-0170
-- Marc Deslauriers <email address hidden> Mon, 28 Jan 2013 16:00:15 -0500
|
|
About
-
Send Feedback to @ubuntu_updates