[ubuntu/wily-security] libvirt 1.2.16-2ubuntu11.15.10.2 (Accepted)

Marc Deslauriers Tue, 12 Jan 2016 09:42:12 -0800

libvirt (1.2.16-2ubuntu11.15.10.2) wily-security; urgency=medium

  * SECURITY UPDATE: denial of service via NFS pool volume creation failure
    - debian/patches/CVE-2015-5247.patch: correct the mode check in
      src/storage/storage_backend.c, handle failure from refreshVol in
      src/storage/storage_driver.c, introduce virFileUnlink in
      src/libvirt_private.syms, src/storage/storage_backend_fs.c,
      src/util/virfile.c, src/util/virfile.h.
    - CVE-2015-5247
  * SECURITY UPDATE: ACL bypass using storage pool directory traversal
    - debian/patches/CVE-2015-5313.patch: filter filesystem volume names in
      src/storage/storage_backend_fs.c.
    - CVE-2015-5313


Date: 2016-01-08 16:01:14.113620+00:00
Changed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/+source/libvirt/1.2.16-2ubuntu11.15.10.2

Sorry, changesfile not available.

-- 
Wily-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/wily-changes

[ubuntu/wily-security] libvirt 1.2.16-2ubuntu11.15.10.2 (Accepted)

Reply via email to