[Pkg-libvirt-maintainers] Bug#677496: Bug#677496: CVE-2012-2693
Guido Günther
agx at sigxcpu.org
Thu Jun 14 18:17:25 UTC 2012
On Thu, Jun 14, 2012 at 12:23:06PM +0200, Moritz Muehlenhoff wrote:
> Package: libvirt
> Severity: important
> Tags: security
>
> This is already fixed in experimental, but I'm not sure if 0.9.12 is targeted
> at Wheezy, so I'm filing a bug.
0.9.13 is targeted for wheezy (to be released in June) however I've
uploded 0.9.12 to fix this bug.
> There's a security issue in libvirt concerning USB handling, it was fixed by
> the patches listed in this Red Hat bug:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2693
>
> The impact seems minor to me, so I don't think we need a DSA for Squeeze.
O.k. - in case this should become necessary just let me know. I'll try
to get a backport uploaded once we made the transition.
Cheers,
-- Guido
More information about the Pkg-libvirt-maintainers
mailing list