-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:023
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : libvirt
Date : January 15, 2015
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Updated libvirt packages fix security vulnerability:
The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions
in qemu/qemu_driver.c in libvirt do not unlock the domain when an
ACL check fails, which allow local users to cause a denial of service
via unspecified vectors (CVE-2014-8136).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136
http://advisories.mageia.org/MGASA-2015-0002.html
____________________________