-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libvirt Version : 0.9.12.3-1+deb7u3 CVE ID : CVE-2018-1064 CVE-2018-5748 Debian Bug : 887700
Daniel P. Berrange and Peter Krempa of Red Hat discovered a flaw in libvirt, a virtualization API. A lack of restriction for the amount of data read by QEMU Monitor socket can lead to a denial of service by exhaustion of memory resources. For Debian 7 "Wheezy", these problems have been fixed in version 0.9.12.3-1+deb7u3. We recommend that you upgrade your libvirt packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq2e89fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQrWw//YvHnxjcWM7ajvyf1OUWPdc1mpAEgI9RB2GBEiPDY8Ysmj6wfW8spvqdD llNBxj9tRtVS7nk82j4J6bEJp2iPV/abs8mNIMVimhGdOeUDJfRGFbcF+Qx9AHN1 E85P141f//kQK7qF4WyJLLnHqMH26byq3218HYOi/EVqfPL81zefvRjJP2NkFbuN AkaK/1OBK+gV54v4s8CSQawUbbYJz7SY30t+yIGehpIfrxG0k4dLNUfebnpFlJgO 2WRPbnz/FPb2gGmdDqx1i8vk0zvFYg7EwQchfsrN8JSQO6/TA/0LC0weghdCLUt3 Y5QkgLxJWK9TVGZ0ZZAJIvTj1Y/B/jCPPvrYchwYhytlzfKI5ZbCp8ugBpQbqOV1 wONIdpJxSu2hBE0O8Fm/OpEVUKcO7QOMj1mAyfSBtFKCkKcJkjzRISxQ5WFhSA4/ 8kf43cHgkGJXftP2eEepmNeGf0moA5IKV/SROlHtch1ZVqcj+2WyG05RMXKWSn5V l8cs8U8xZW70oqguLEHixWxkPZ0RIBHSEqRyoO+ISXg/L/fsMXlU1E8Z2OTgBi3T PmCX1TirJhLGHiyIuZdGNASAT2r80vm/4Byp5+aYVQavwBRO5BKfQkGk3T6mOsvx cSVa9gX1nlpShf6n9GsO7HJR076a/Du+ccI16FJ5ifyjOrR53bU= =Kqni -----END PGP SIGNATURE-----
