Source: libvirt Version: 1.0.0-1 Severity: important Tags: security upstream patch fixed-upstream
Hi, the following vulnerability was published for libvirt, opening a but in the BTS to have track of it in BTS additionally to security-tracker. CVE-2014-7823[0]: dumpxml: information leak with migratable flag AFAICS [1] applies from a quick look, but the first hunk is in libvirt.c. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-7823 [1] http://libvirt.org/git/?p=libvirt.git;a=commit;h=b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
