On Mon, Jul 01, 2013 at 10:43:07PM +0200, Salvatore Bonaccorso wrote: > Package: libvirt > Version: 1.0.6-1 > Severity: grave > Tags: security upstream patch fixed-upstream > > Hi, > > the following vulnerability was published for libvirt. > > CVE-2013-2218[0]: > crash when listing network interfaces with filters > > The issue was fixed with commit [1] and introduced previously with > [2].
This will be fixed with 1.1 and only affect 1.0.6. Since 1.0.6 won't migrate due to other rc bugs were "safe" in testing. Cheers, -- Guido > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2218 > http://security-tracker.debian.org/tracker/CVE-2013-2218 > [1] > http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11 > [2] > http://libvirt.org/git/?p=libvirt.git;a=commit;h=7ac2c4fe624f30f2c8270116513fa2ddab07631f > > Regards, > Salvatore > > _______________________________________________ > Pkg-libvirt-maintainers mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-libvirt-maintainers > -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
