User: Password:
Subscribe / Log in / New account

Pardus alert 2011-102 (libvirt)

From:  Meltem Parmaksız <>
Subject:  [Pardus-security] [PLSA 2011-102] libvirt: Multiple Vulnerabilities
Date:  Thu, 4 Aug 2011 14:28:11 +0300
Message-ID:  <>
Archive-link:  Article, Thread

------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-102 ------------------------------------------------------------------------ Date: 2011-08-04 Type: Remote ------------------------------------------------------------------------ Summary ======= Multiple vulnerabilities have been fixed in libvirt. Description =========== CVE-2011-1486: When several libvirtd threads are reporting errors at the same time, the errors can get mixed or corrupted, potentially leading to a libvirtd crash (DoS). CVE-2011-1146: It has been found that several libvirt API calls (virNodeDeviceDettach, virNodeDeviceReset, virDomainRevertToSnapshot, virDomainSnapshotDelete) did notm honour read-only connection. Remote attacker could use this flaw to crash the host server (DoS) Affected packages: Pardus 2009: libvirt, all before 0.8.7-14-8 Resolution ========== There are update(s) for libvirt. You can update them via Package Manager or with a single command from console: pisi up libvirt References ========== * * ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds