Package: libvirt Version: 1.1.1-1 Severity: grave Tags: security upstream patch
Hi, the following vulnerability was published for libvirt. (marking this as rc, to not have it enter testing, even there are already rc bugs blocking the migration). CVE-2013-4239[0]: memory corruption in xenDaemonListDefinedDomains function This was introduced only in 1.1.1-1 in commit [1] and there is a fix for it in [2]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4239 http://security-tracker.debian.org/tracker/CVE-2013-4239 [1] http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=632180d1 [2] http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=0e671a16 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
