SCIENTIFIC-LINUX-ERRATA Archives

January 2013

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: libvirt on SL6.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
Pat Riehecky <[log in to unmask]>
Date:
Mon, 28 Jan 2013 14:39:37 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (37 lines) 
Synopsis:          Important: libvirt security update
Issue Date:        2013-01-28
CVE Numbers:       CVE-2013-0170
--

A flaw was found in the way libvirtd handled connection cleanup (when a
connection was being closed) under certain error conditions. A remote 
attacker
able to establish a read-only connection to libvirtd could use this flaw to
crash libvirtd or, potentially, execute arbitrary code with the 
privileges of
the root user. (CVE-2013-0170)

After installing the updated packages, libvirtd will be restarted
automatically.
--

SL6
   x86_64
     libvirt-0.9.10-21.el6_3.8.x86_64.rpm
     libvirt-client-0.9.10-21.el6_3.8.i686.rpm
     libvirt-client-0.9.10-21.el6_3.8.x86_64.rpm
     libvirt-debuginfo-0.9.10-21.el6_3.8.i686.rpm
     libvirt-debuginfo-0.9.10-21.el6_3.8.x86_64.rpm
     libvirt-python-0.9.10-21.el6_3.8.x86_64.rpm
     libvirt-devel-0.9.10-21.el6_3.8.i686.rpm
     libvirt-devel-0.9.10-21.el6_3.8.x86_64.rpm
     libvirt-lock-sanlock-0.9.10-21.el6_3.8.x86_64.rpm
   i386
     libvirt-0.9.10-21.el6_3.8.i686.rpm
     libvirt-client-0.9.10-21.el6_3.8.i686.rpm
     libvirt-debuginfo-0.9.10-21.el6_3.8.i686.rpm
     libvirt-python-0.9.10-21.el6_3.8.i686.rpm
     libvirt-devel-0.9.10-21.el6_3.8.i686.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2