Libvirt is vulnerable to an automake security hole; anyone that runs 'make distcheck' on any existing libvirt release tarball risks a local exploit that can take advantage of world-writable permissions to inject the operation of attacker-controlled code under the capabilities of the developer testing the package. This security hole can be mitigated by either avoiding the use of 'make distcheck', or by setting a restrictive umask (such as 022) before running 'make distcheck'.
Since few people beyond developers tend to run 'make distcheck', I'm not
too worried about pushing out a new libvirt tarball any sooner than the
regular release cycle. But we should definitely upgrade to the latest
gnulib (it adds a syntax check to validate whether the vulnerability
still exists), and ensure that the release of libvirt 0.10.0, as well as
the next maintenance releases of v0.9.{6,11}-maint, have been built with
patched automake.
--
Eric Blake [email protected] +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
