[ Serge Hallyn ]
* 9036-util-prepare-uri-for-libxml2-2.9.2.patch: fix FTBFS against new
libxml 2.9.2 (LP: #1390637)
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via virConnectListAllDomains
- debian/patches/CVE-2014-3657.patch: fix domain deadlock in
src/conf/domain_conf.c.
- CVE-2014-3657
* SECURITY UPDATE: xml information leak with read-only connections
- debian/patches/CVE-2014-7823.patch: check for migratable flag in
src/libvirt.c, src/remote/remote_protocol.x.
- CVE-2014-7823
-- Marc Deslauriers <email address hidden> Tue, 11 Nov 2014 13:14:00 -0500
This bug was fixed in the package libvirt - 1.2.8-0ubuntu14
---------------
libvirt (1.2.8-0ubuntu14) vivid; urgency=medium
[ Serge Hallyn ] prepare- uri-for- libxml2- 2.9.2.patch: fix FTBFS against new
* 9036-util-
libxml 2.9.2 (LP: #1390637)
[ Marc Deslauriers ] llDomains patches/ CVE-2014- 3657.patch: fix domain deadlock in conf/domain_ conf.c. patches/ CVE-2014- 7823.patch: check for migratable flag in libvirt. c, src/remote/ remote_ protocol. x.
* SECURITY UPDATE: denial of service via virConnectListA
- debian/
src/
- CVE-2014-3657
* SECURITY UPDATE: xml information leak with read-only connections
- debian/
src/
- CVE-2014-7823
-- Marc Deslauriers <email address hidden> Tue, 11 Nov 2014 13:14:00 -0500