[Pkg-libvirt-maintainers] Bug#714699: Bug#714699: libvirt: CVE-2013-2218: crash when listing network interfaces with filters
Guido Günther
agx at sigxcpu.org
Mon Jul 1 21:17:36 UTC 2013
On Mon, Jul 01, 2013 at 10:43:07PM +0200, Salvatore Bonaccorso wrote:
> Package: libvirt
> Version: 1.0.6-1
> Severity: grave
> Tags: security upstream patch fixed-upstream
>
> Hi,
>
> the following vulnerability was published for libvirt.
>
> CVE-2013-2218[0]:
> crash when listing network interfaces with filters
>
> The issue was fixed with commit [1] and introduced previously with
> [2].
This will be fixed with 1.1 and only affect 1.0.6. Since 1.0.6 won't
migrate due to other rc bugs were "safe" in testing.
Cheers,
-- Guido
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2218
> http://security-tracker.debian.org/tracker/CVE-2013-2218
> [1] http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11
> [2] http://libvirt.org/git/?p=libvirt.git;a=commit;h=7ac2c4fe624f30f2c8270116513fa2ddab07631f
>
> Regards,
> Salvatore
>
> _______________________________________________
> Pkg-libvirt-maintainers mailing list
> Pkg-libvirt-maintainers at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-libvirt-maintainers
>
More information about the Pkg-libvirt-maintainers
mailing list