Fedora 20 Security Update: libvirt-1.1.3.8-1.fc20

Resolved Bugs
1160823 – CVE-2014-3633 libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index [fedora-all]
1141131 – CVE-2014-3633 libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
1160824 – CVE-2014-3657 libvirt: domain_conf: domain deadlock DoS [fedora-all]
1145667 – CVE-2014-3657 libvirt: domain_conf: domain deadlock DoS
1160822 – CVE-2014-7823 libvirt: dumpxml: information leak with migratable flag [fedora-all]
1160817 – CVE-2014-7823 libvirt: dumpxml: information leak with migratable flag<br
* Rebased to version 1.1.3.8
* CVE-2014-3633: out-of-bounds read in blockiotune (bz #1160823)
* CVE-2014-3657: Potential deadlock in domain_conf (bz #1160824)
* CVE-2014-7823: information leak with migratable flag (bz #1160822)

Leave a Reply