What I was asking is whether I should augment the last sentence from the impact description in comment #20 to clarify that this is only a risk with libvirt 1.3.4 and later. The host-based device connections mention was already there, but I can certainly take that out if you think there's also a distinct security risk even on deployments which aren't allowing host-based connections for root and ephemeral disk devices.
What I was asking is whether I should augment the last sentence from the impact description in comment #20 to clarify that this is only a risk with libvirt 1.3.4 and later. The host-based device connections mention was already there, but I can certainly take that out if you think there's also a distinct security risk even on deployments which aren't allowing host-based connections for root and ephemeral disk devices.