Debian alert DSA-2650-2 (libvirt)
| From: | Yves-Alexis Perez <corsac@debian.org> | |
| To: | debian-security-announce@lists.debian.org | |
| Subject: | [SECURITY] [DSA 2650-2] libvirt regression update | |
| Date: | Sun, 17 Mar 2013 23:01:58 +0100 | |
| Message-ID: | <20130317220154.GA25535@scapa.corsac.net> | |
| Archive‑link: | Article |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2650-2 security@debian.org http://www.debian.org/security/ Yves-Alexis Perez March 17, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libvirt Vulnerability : files and device nodes ownership change to kvm group Problem type : local Debian-specific: yes CVE ID : CVE-2013-1766 Debian Bug : 701649 The recent security update for libvirt was found to cause a regression. The kvm/qemu processes weren't run as the `kvm` user anymore in order to fix the file/device ownership changes, but the processes where not correctly configured to use the `kvm` group either. When the user would try to run a virtual machine, the process was denied access to the /dev/kvm device node, preventing the virtual machine to run. For the stable distribution (squeeze), this problem has been fixed in version 0.8.3-5+squeeze5. We recommend that you upgrade your libvirt packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iQEcBAEBCgAGBQJRRj1OAAoJEG3bU/KmdcCltXgH/15HV8NfOc8zjnHfbmGoG0ZV ihcLP6zdBOlrdnfl54sGyGXWh2Gw95O8anrYuIUPSlduhHh5XxNXq2nl/+qYORo5 ltpFp82dQuUz0B93QuQ8bYyg6BfM7pXE8G7FkWYbPvd6LzAOp8F1ldTjLwLjWDLP tFQ+YoNK+IW8ZxB7cXxO/szgdblby4ZwHS2tUfNB4+J1/+pwdxKcEoHf43ap528q brEbFq5EcFqPAxnY7f127J5zyFjX6BM/+NmEgNb4NiVW4JqeBguHOed0XmTAIFwt RIzt/kipO/GVGbtk2faMyrTZOvxchq1Kq2wnCgFGJTkP9rS0g44JlnIdIkqqVck= =+lg6 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20130317220154.GA25535@scapa.cors...