Publishing details

Removed from disk on 2018-03-01.
Removal requested on 2018-03-01.
Superseded on 2018-02-28 by libvirt - 3.6.0-1ubuntu6.4~cloud0
Published on 2018-02-21

Changelog

libvirt (3.6.0-1ubuntu6.3~cloud0) xenial-pike; urgency=medium

  * New update for the Ubuntu Cloud Archive.

libvirt (3.6.0-1ubuntu6.3) artful-security; urgency=medium

  [ Leonidas S. Barbosa ]
  * SECURITY UPDATE: resource exhaustion resulting in DoS
    - debian/patches/CVE-2018-5748.patch: avoid DoS reading from
      QEMU monitor in src/qemu/qemu_monitor.c.
    - CVE-2018-5748
  * SECURITY UPDATE: Failure to validate SSL/TLS certificates
    - debian/patches/CVE-2017-1000256.patch: ensure TLS clients always verify
      the server certificate in src/qemu/qemu_command.c.
    - CVE-2017-1000256

  [ Marc Deslauriers ]
  * SECURITY UPDATE: code injection via libnss_dns.so
    - debian/patches/CVE-2018-6764-1.patch: determine the hostname on
      startup in src/util/virlog.c.
    - debian/patches/CVE-2018-6764-2.patch: fix syntax-check in
      src/util/virlog.c.
    - debian/patches/CVE-2018-6764-3.patch: fix deadlock obtaining hostname
      in cfg.mk, src/util/virlog.c.
    - CVE-2018-6764

 -- Openstack Ubuntu Testing Bot <email address hidden>  Tue, 20 Feb 2018 23:51:43 +0000

Publishing details

Changelog

Available diffs

Builds

Package files