Format: 1.8 Date: Mon, 17 Jun 2019 07:18:24 -0400 Source: libvirt Binary: libnss-libvirt libvirt-clients libvirt-daemon libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-zfs libvirt-daemon-system libvirt-dev libvirt-sanlock libvirt-wireshark libvirt0 Architecture: i386 i386_translations Version: 5.0.0-1ubuntu2.3 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libnss-libvirt - nss plugin providing IP address resolution for virtual machines libvirt-clients - Programs for the libvirt library libvirt-daemon - Virtualization daemon libvirt-daemon-driver-storage-gluster - Virtualization daemon glusterfs storage driver libvirt-daemon-driver-storage-rbd - Virtualization daemon RBD storage driver libvirt-daemon-driver-storage-zfs - Virtualization daemon ZFS storage driver libvirt-daemon-system - Libvirt daemon configuration files libvirt-dev - development files for the libvirt library libvirt-sanlock - Sanlock plugin for virtlockd libvirt-wireshark - Wireshark dissector for the libvirt protocol libvirt0 - library for interfacing with different virtualization systems Changes: libvirt (5.0.0-1ubuntu2.3) disco-security; urgency=medium . * SECURITY UPDATE: DoS via incorrect permissions check - debian/patches/CVE-2019-3886-1.patch: disallow virDomainGetHostname for read-only connections in src/libvirt-domain.c. - debian/patches/CVE-2019-3886-2.patch: enforce ACL write permission for getting guest time & hostname in src/remote/remote_protocol.x. - CVE-2019-3886 * SECURITY UPDATE: privilege escalation via incorrect socket permissions - debian/patches/CVE-2019-10132-1.patch: reject clients unless their UID matches the current UID in src/admin/admin_server_dispatch.c. - debian/patches/CVE-2019-10132-2.patch: restrict sockets to mode 0600 in src/locking/virtlockd-admin.socket.in, src/locking/virtlockd.socket.in. - debian/patches/CVE-2019-10132-3.patch: restrict sockets to mode 0600 in src/logging/virtlogd-admin.socket.in, src/logging/virtlogd.socket.in. - CVE-2019-10132 Checksums-Sha1: 83da0e0517d36769309547592c20436cc200ef96 458616 libnss-libvirt-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb bff69153d5266b5cc80fd1e8c7e06a5d11c1f294 165680 libnss-libvirt_5.0.0-1ubuntu2.3_i386.deb 560bef077b0df5ea60085e579bfe83e08e09a176 1820240 libvirt-clients-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 3e08450915030bba3b9bec27a727f5215483c5c3 672204 libvirt-clients_5.0.0-1ubuntu2.3_i386.deb 1bf4128236de720d7af645c46f6946f80fc040cc 11570044 libvirt-daemon-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 021efaca6ca465aff21224aa29158d7976183098 393868 libvirt-daemon-driver-storage-gluster-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 63f59b5c3081d64fd02b7e79499eadfa6c7ed43e 78056 libvirt-daemon-driver-storage-gluster_5.0.0-1ubuntu2.3_i386.deb 516b692dc3706a454b3bf8fb264bdafc63d795fd 230176 libvirt-daemon-driver-storage-rbd-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 58a91fb49eb24660b8711490c30d36569d643837 73420 libvirt-daemon-driver-storage-rbd_5.0.0-1ubuntu2.3_i386.deb e6f775307d03e83c2f573087158c3b22cd3fff86 201148 libvirt-daemon-driver-storage-zfs-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb ab5b2732cb66dd16a3e6525f171e178282636966 67404 libvirt-daemon-driver-storage-zfs_5.0.0-1ubuntu2.3_i386.deb d08fbffd8c4fb3cc7e3bd263f836aa7c82141924 95032 libvirt-daemon-system-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 83cbd57adb641d0cdde89c04dd16e8a7e10014c3 76624 libvirt-daemon-system_5.0.0-1ubuntu2.3_i386.deb 9ffb294a1e0a4016b89441b00a21b8ca7039fdc9 1767924 libvirt-daemon_5.0.0-1ubuntu2.3_i386.deb 126b97f2555fa83e8b27de42b3ec2ca102bf9a65 146740 libvirt-dev_5.0.0-1ubuntu2.3_i386.deb 62f6393394b5f55f74d7785273e8ebcda4e5c01f 206540 libvirt-sanlock-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 04142a602a8778902f34d909d13cb290e359f7b8 72760 libvirt-sanlock_5.0.0-1ubuntu2.3_i386.deb 0eba085920bbb19c0a07779677c7adde85f25453 260356 libvirt-wireshark-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 76f66aa6ea9e0b20c8769e13bcea0d0fc4048c8e 80780 libvirt-wireshark_5.0.0-1ubuntu2.3_i386.deb 1836906381b45bdfa0d2f4d26335139f5cc05973 5237120 libvirt0-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 3ee7a90ef8f713c4cf6780bac8e783217aabd690 1470416 libvirt0_5.0.0-1ubuntu2.3_i386.deb e618bd5dd3028af79300634d3669c3a0e0e1c918 19997 libvirt_5.0.0-1ubuntu2.3_i386.buildinfo 068b76229ac2c7b6ba31313a2b2c82f1b3561f6f 19327646 libvirt_5.0.0-1ubuntu2.3_i386_translations.tar.gz Checksums-Sha256: d818d36c9fdd6c9db8b88eaeed694bb2b7e888e7e350226d111610ee00fcda11 458616 libnss-libvirt-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb a2b2a1c2b8906678c0942e9abf978adf51f5b6432ed12b45acb68ea95bba7069 165680 libnss-libvirt_5.0.0-1ubuntu2.3_i386.deb cf249b1482ffb28600d5f4375c036252c4b3d2def4f3cfa392efa2832d6b625c 1820240 libvirt-clients-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb f07ae32321c3b7ddb17ea968e77f87aff119dbba4ae1c90c7009f259b1565075 672204 libvirt-clients_5.0.0-1ubuntu2.3_i386.deb 4e7214dedff0621e115db30b02cbd0cd674031839f8297b83ea7cdf413ff7054 11570044 libvirt-daemon-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 08efb6aaed90a85f48226246922eca4f6c59d5a3ccbc2b7a9f5c8b61de1cecf0 393868 libvirt-daemon-driver-storage-gluster-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 17be684ba6a6a31b20736add87a1060eb72218d0a735be58edb8adbe6cad9e82 78056 libvirt-daemon-driver-storage-gluster_5.0.0-1ubuntu2.3_i386.deb 945dee0b35a56ed94ab486920cc3d292f7bb4d63ce3e3805a2d1766c20f2f6f3 230176 libvirt-daemon-driver-storage-rbd-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 6a640889be39bb9c9cc0fdbba587bdf0d3014da87e33dd54fca2c517aa78c8a0 73420 libvirt-daemon-driver-storage-rbd_5.0.0-1ubuntu2.3_i386.deb fb5cb7666464415de982f9e817321678d17d79225729c6f4d627fea807fcb333 201148 libvirt-daemon-driver-storage-zfs-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 7c4f5a566ca2ed1774e952c6dce9776dfb01a10071e928c93a7a79d515b9b1d5 67404 libvirt-daemon-driver-storage-zfs_5.0.0-1ubuntu2.3_i386.deb 4f8623924a69a58776706f089d2c46c360559703b2556e7d1f05a5dad40612d5 95032 libvirt-daemon-system-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 6f9dd16c572745d9348e2c1cc6fbd9c26fefaf9950482ece50e6fbf8c7f83fe0 76624 libvirt-daemon-system_5.0.0-1ubuntu2.3_i386.deb b7f9422b8ec34560449e46b1f7e76ba5ffc52ee6b7d734de11723f7a3fa02bf1 1767924 libvirt-daemon_5.0.0-1ubuntu2.3_i386.deb 63e5ecae9b55d2a2bbf370a342e42cd8f264d777fadd0b22fcf6db76aa885814 146740 libvirt-dev_5.0.0-1ubuntu2.3_i386.deb ef8aa58cd715f9571500423b1a17db8a78a5e16230bab84d6aaf4b064645b9aa 206540 libvirt-sanlock-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 202ca2c22098416c900ddd58b299eee9ac5aee45ac0be355dbee092e923f07a1 72760 libvirt-sanlock_5.0.0-1ubuntu2.3_i386.deb 2b1b69c95fcb36059c9b21ed02c48b53bea5d7a676d8a3443a9a8a7471f52d00 260356 libvirt-wireshark-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 7bf143a355546f55735cfe56e87b9d56ddfb8c6465bdd2ae37e25d731296e1eb 80780 libvirt-wireshark_5.0.0-1ubuntu2.3_i386.deb 60fc85657a931776a1021619084c95e0a62359a0d5b0385c89ddeead3eb8fd53 5237120 libvirt0-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 22da2a27e7517d7d3bcc059a186d0aac0d4d1d5191dece0a62502d6cd6167e6c 1470416 libvirt0_5.0.0-1ubuntu2.3_i386.deb 091b9926757edad7b322b03b06de8b77bef0df71c4b847583deb4b02f5fde47e 19997 libvirt_5.0.0-1ubuntu2.3_i386.buildinfo e526e11dd4aa18b2dd05711e39bc1c453ff85179fe15ea80484a3bc690625be8 19327646 libvirt_5.0.0-1ubuntu2.3_i386_translations.tar.gz Files: f315ba76727add4d8b41946e6ac23fe0 458616 debug optional libnss-libvirt-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 76948aa59ec3d07eeaf53e2ee401a522 165680 libs optional libnss-libvirt_5.0.0-1ubuntu2.3_i386.deb f4f086c5d88dc611c4e33372e2a69f3b 1820240 debug optional libvirt-clients-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb bc65a60c7617783f19ddd51c054c1d71 672204 admin optional libvirt-clients_5.0.0-1ubuntu2.3_i386.deb 8df7102a45f50578e87df8dbe8026c6f 11570044 debug optional libvirt-daemon-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 6f1edd82f4f50fe0e2326b3c156d1770 393868 debug optional libvirt-daemon-driver-storage-gluster-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 29d408f797b18413ca03ec8b36ebca76 78056 admin optional libvirt-daemon-driver-storage-gluster_5.0.0-1ubuntu2.3_i386.deb 78c94c43bbeaf1504808d1f1e44d098a 230176 debug optional libvirt-daemon-driver-storage-rbd-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb e5a96ee84a90e01ba0af4679cd832b71 73420 admin optional libvirt-daemon-driver-storage-rbd_5.0.0-1ubuntu2.3_i386.deb 29bf92fd6c9e95fb23b02123428cdebe 201148 debug optional libvirt-daemon-driver-storage-zfs-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 13418255d17b3bd487fc075d7bd9e100 67404 admin optional libvirt-daemon-driver-storage-zfs_5.0.0-1ubuntu2.3_i386.deb 2f0326fd1a0c89e487c34e31a126149a 95032 debug optional libvirt-daemon-system-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb c6371bfb9cc1cbca8c30419c3b30a999 76624 admin optional libvirt-daemon-system_5.0.0-1ubuntu2.3_i386.deb a8697a35066f7686407559eba593828c 1767924 admin optional libvirt-daemon_5.0.0-1ubuntu2.3_i386.deb 16d2b54fe379dc7535a9508e1c3b5358 146740 libdevel optional libvirt-dev_5.0.0-1ubuntu2.3_i386.deb c4636f14fe7bbf996cccbc5540d6dd6c 206540 debug optional libvirt-sanlock-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb b258f358fda6fab60ea59222edb94da3 72760 libs optional libvirt-sanlock_5.0.0-1ubuntu2.3_i386.deb d2471ec4f4b97409f89a740e44cc9a14 260356 debug optional libvirt-wireshark-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb 611b0381bd19a15c1ee37a040a88e215 80780 libs optional libvirt-wireshark_5.0.0-1ubuntu2.3_i386.deb 8bbc630b4316b220dcea78a0a716eb53 5237120 debug optional libvirt0-dbgsym_5.0.0-1ubuntu2.3_i386.ddeb cb235bf7cd353a3084900012257e3fc0 1470416 libs optional libvirt0_5.0.0-1ubuntu2.3_i386.deb f7d0ca2a3f93e25d5ffdf87ae62ba427 19997 libs optional libvirt_5.0.0-1ubuntu2.3_i386.buildinfo 62ce7a5a61ca7623ad7cd493330b8e1b 19327646 raw-translations - libvirt_5.0.0-1ubuntu2.3_i386_translations.tar.gz Original-Maintainer: Debian Libvirt Maintainers