-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:195
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libvirt
 Date    : October 3, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in libvirt:
 
 An out-of-bounds read flaw was found in the way libvirt's
 qemuDomainGetBlockIoTune() function looked up the disk index in
 a non-persistent (live) disk configuration while a persistent disk
 configuration was being indexed. A remote attacker able to establish a
 read-only connection to libvirtd could use this flaw to crash libvirtd
 or, potentially, leak memory from the libvirtd process (CVE-2014-3633).
 
 A denial of service flaw was found in the wa