[Pkg-libvirt-maintainers] Bug#719533: libvirt: CVE-2013-4239: memory corruption in xenDaemonListDefinedDomains function
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 12 20:49:21 UTC 2013
Package: libvirt
Version: 1.1.1-1
Severity: grave
Tags: security upstream patch
Hi,
the following vulnerability was published for libvirt.
(marking this as rc, to not have it enter testing, even there are
already rc bugs blocking the migration).
CVE-2013-4239[0]:
memory corruption in xenDaemonListDefinedDomains function
This was introduced only in 1.1.1-1 in commit [1] and there is a fix
for it in [2].
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4239
http://security-tracker.debian.org/tracker/CVE-2013-4239
[1] http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=632180d1
[2] http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=0e671a16
Regards,
Salvatore
More information about the Pkg-libvirt-maintainers
mailing list