diff -Nru libvirt-2.1.0/debian/changelog libvirt-2.1.0/debian/changelog --- libvirt-2.1.0/debian/changelog 2016-10-06 05:14:05.000000000 -0500 +++ libvirt-2.1.0/debian/changelog 2016-10-28 07:48:36.000000000 -0500 @@ -1,3 +1,11 @@ +libvirt (2.1.0-1ubuntu9uidgid1) UNRELEASED; urgency=medium + + * Set libvirt-qemu UID & GID if available; don't fail otherwise. (LP: #) + - (debian) CVE-2013-1766: Use libvirt-qemu as group to run qemu/kvm instances + - debian/libvirt-bin.postinst: check/set UID and GID for libvirt-qemu + + -- Mauricio Faria de Oliveira Wed, 26 Oct 2016 11:05:38 -0200 + libvirt (2.1.0-1ubuntu9) yakkety; urgency=medium * Fix libvirt-guest.sh to handle multiple guests (LP: #1591695). diff -Nru libvirt-2.1.0/debian/libvirt-daemon-system.postinst libvirt-2.1.0/debian/libvirt-daemon-system.postinst --- libvirt-2.1.0/debian/libvirt-daemon-system.postinst 2016-10-06 05:14:05.000000000 -0500 +++ libvirt-2.1.0/debian/libvirt-daemon-system.postinst 2016-10-28 07:48:36.000000000 -0500 @@ -17,6 +17,10 @@ # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package +# Allocated UID and GID for libvirt-qemu +libvirt_qemu_uid=64055 +libvirt_qemu_gid=64055 + add_users_groups() { if ! getent group libvirt >/dev/null; then @@ -44,6 +48,13 @@ fi # user and group libvirt runs qemu/kvm instances with if ! getent passwd libvirt-qemu >/dev/null; then + + # set uid if available (expected); don't fail otherwise. + parameter_uid='' + if ! getent passwd $libvirt_qemu_uid >/dev/null; then + parameter_uid="--uid $libvirt_qemu_uid" + fi + adduser --quiet \ --system \ --ingroup kvm \ 
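Review bot: In the `@@ -44,6 +48,13 @@` hunk, when UID 64055 is already held by another account `parameter_uid` stays empty and adduser picks a dynamic system UID without any message, so the host ends up with a libvirt-qemu identity that differs from the allocated one and nothing records it. If guest images are shared between hosts, that UID decides who can read and write the disks, so the fallback deserves a warning: add `else echo "libvirt-qemu: UID $libvirt_qemu_uid is in use, falling back to a dynamic UID" >&2` before the `fi`. The GID branch in the `@@ -53,10 +64,18 @@` hunk has the same silent fallback. Both branches also run only when the account or group does not exist yet, so upgraded hosts keep their previous IDs; the `# set uid if available` comment should say so.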
@@ -53,10 +64,18 @@
 --home /var/lib/libvirt \
 --no-create-home \
 --gecos "Libvirt Qemu" \
+ $parameter_uid \
 libvirt-qemu
 fi
 if ! getent group libvirt-qemu >/dev/null; then
- addgroup --quiet --system libvirt-qemu
+
+ # set gid if available (expected); don't fail otherwise.
+ parameter_gid=''
+ if ! getent group $libvirt_qemu_gid >/dev/null; then
+ parameter_gid="--gid $libvirt_qemu_gid"
+ fi
+
+ addgroup --quiet --system $parameter_gid libvirt-qemu
 adduser libvirt-qemu libvirt-qemu
 fi
 if ! getent passwd libvirt-dnsmasq >/dev/null; then
diff -Nru libvirt-2.1.0/debian/rules libvirt-2.1.0/debian/rules
--- libvirt-2.1.0/debian/rules 2016-10-06 05:14:05.000000000 -0500
+++ libvirt-2.1.0/debian/rules 2016-10-28 07:48:36.000000000 -0500
@@ -90,7 +90,7 @@
 --disable-rpath \
 --with-qemu \
 --with-qemu-user=libvirt-qemu \
- --with-qemu-group=kvm \
+ --with-qemu-group=libvirt-qemu \
 $(WITH_OPENVZ) \
 --with-avahi \
 --with-sasl \
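Review bot: `$parameter_uid` and `$parameter_gid` in the `@@ -53,10 +64,18 @@` hunk are expanded unquoted on purpose, and the code does not say so. Quoting either one would hand adduser or addgroup a single `--gid 64055` word, or an empty argument when the ID is taken, so a later lint-driven cleanup could break account creation. A comment above each call would prevent that, for example `# $parameter_gid is unquoted on purpose: it expands to nothing or to two words`. The adduser call that receives `$parameter_uid` begins outside this hunk.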
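Review bot: The `--with-qemu-group=libvirt-qemu` line in the `@@ -90,7 +90,7 @@` hunk carries the CVE-2013-1766 fix named in the changelog, but nothing in debian/rules marks it, so a later merge could silently restore `kvm`. A comment above the configure invocation, which starts outside this hunk, such as `# CVE-2013-1766: guests must not run with the shared kvm group` would protect it. This switch presumably changes only the built-in default, so a host whose QEMU driver configuration still sets the group to kvm explicitly would keep the old behaviour; that is worth a line in the changelog entry.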