Source: libvirt Version: 6.4.0-2 Severity: important Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for libvirt. CVE-2020-14339[0]: leak of /dev/mapper/control into QEMU guests If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-14339 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14339 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1860069 [2] https://www.redhat.com/archives/libvir-list/2020-July/msg01500.html [3] https://www.redhat.com/archives/libvir-list/2020-July/msg01501.html Please adjust the affected versions in the BTS as needed. The issue though appers to be introduce in 6.2.0 only and guess 6.6.0 will contain all the neede depending bits as well. Regards, Salvatore
