Important: libvirt security update
Date: Mon, 28 Jan 2013 14:39:37 -0600
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: Security ERRATA Important: libvirt on SL6.x i386/x86_64
MIME-Version: 1.0
Synopsis: Important: libvirt security update
Issue Date: 2013-01-28
CVE Numbers: CVE-2013-0170
--
A flaw was found in the way libvirtd handled connection cleanup (when a
connection was being closed) under certain error conditions. A remote
attacker
able to establish a read-only connection to libvirtd could use this flaw to
crash libvirtd or, potentially, execute arbitrary code with the
privileges of
the root user. (CVE-2013-0170)
After installing the updated packages, libvirtd will be restarted
automatically.
--
SL6
x86_64
libvirt-0.9.10-21.el6_3.8.x86_64.rpm
libvirt-client-0.9.10-21.el6_3.8.i686.rpm
libvirt-client-0.9.10-21.el6_3.8.x86_64.rpm
libvirt-debuginfo-0.9.10-21.el6_3.8.i686.rpm
libvirt-debuginfo-0.9.10-21.el6_3.8.x86_64.rpm
libvirt-python-0.9.10-21.el6_3.8.x86_64.rpm
libvirt-devel-0.9.10-21.el6_3.8.i686.rpm
libvirt-devel-0.9.10-21.el6_3.8.x86_64.rpm
libvirt-lock-sanlock-0.9.10-21.el6_3.8.x86_64.rpm
i386
libvirt-0.9.10-21.el6_3.8.i686.rpm
libvirt-client-0.9.10-21.el6_3.8.i686.rpm
libvirt-debuginfo-0.9.10-21.el6_3.8.i686.rpm
libvirt-python-0.9.10-21.el6_3.8.i686.rpm
libvirt-devel-0.9.10-21.el6_3.8.i686.rpm
- Scientific Linux Development Team
lastline