Publishing details
Changelog
libvirt (1.3.1-1ubuntu10.19) xenial-security; urgency=medium
[ Leonidas S. Barbosa ]
* SECURITY UPDATE: resource exhaustion resulting in DoS
- debian/patches/CVE-2018-5748.patch: avoid DoS reading from
QEMU monitor in src/qemu/qemu_monitor.c.
- CVE-2018-5748
* SECURITY UPDATE: Bypass authentication
- debian/patches/CVE-2016-5008.patch: let empty default VNC
password work as documented in src/qemu/qemu_hotplug.c.
- CVE-2016-5008
[ Marc Deslauriers ]
* SECURITY UPDATE: code injection via libnss_dns.so
- debian/patches/CVE-2018-6764-1.patch: determine the hostname on
startup in src/util/virlog.c.
- debian/patches/CVE-2018-6764-2.patch: fix syntax-check in
src/util/virlog.c.
- debian/patches/CVE-2018-6764-3.patch: fix deadlock obtaining hostname
in cfg.mk, src/util/virlog.c.
- CVE-2018-6764
-- Marc Deslauriers <email address hidden> Fri, 16 Feb 2018 07:51:15 -0500
Builds
Package files