[Pkg-libvirt-maintainers] Bug#762203: CVE-2014-3633: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
Henri Salo
henri at nerv.fi
Fri Sep 19 14:17:26 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package: libvirt
Version: 1.2.7-11
Severity: important
Tags: fixed-upstream, security
Please fix following vulnerability in libvirt, thank you.
CVE-2014-3633: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due
to invalid index
When you fix the vulnerability please also make sure to include the CVE (Common
Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b
Introduced in: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=eca96694a7f992be633d48d5ca03cedc9bbc3c9a (v0.9.8)
RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3633
- ---
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlQcOvYACgkQXf6hBi6kbk8AGwCgqs/OmHigrdQtI4GGTvjipEl7
vBoAmgPDROCumWtRTk/IqfICpHbhgSsQ
=7IAE
-----END PGP SIGNATURE-----
More information about the Pkg-libvirt-maintainers
mailing list