Vulnerabilities > CVE-2012-4423 - Unspecified vulnerability in Redhat Libvirt
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN redhat
nessus
Summary
The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2013-105.NASL description libvirt was updated to fix some bugs and security issues : Security issues fixed : - Fix crash on error paths of message dispatching, CVE-2013-0170 bnc#800976 - security: Fix libvirtd crash possibility CVE-2012-4423 bnc#780432 Also bugs were fixed : - qemu: Fix probing for guest capabilities bnc#772586 - xen-xm: Generate UUID if not specified bnc#773626 - xenParseXM: don last seen 2020-06-05 modified 2014-06-13 plugin id 74880 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74880 title openSUSE Security Update : libvirt (openSUSE-SU-2013:0274-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2013-105. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74880); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-4423", "CVE-2013-0170"); script_name(english:"openSUSE Security Update : libvirt (openSUSE-SU-2013:0274-1)"); script_summary(english:"Check for the openSUSE-2013-105 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "libvirt was updated to fix some bugs and security issues : Security issues fixed : - Fix crash on error paths of message dispatching, CVE-2013-0170 bnc#800976 - security: Fix libvirtd crash possibility CVE-2012-4423 bnc#780432 Also bugs were fixed : - qemu: Fix probing for guest capabilities bnc#772586 - xen-xm: Generate UUID if not specified bnc#773626 - xenParseXM: don't dereference NULL pointer when script is empty bnc#773621" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=772586" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=773621" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=773626" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=780432" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=800976" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2013-02/msg00026.html" ); script_set_attribute( attribute:"solution", value:"Update the affected libvirt packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-python-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1"); script_set_attribute(attribute:"patch_publication_date", value:"2013/02/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-client-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-client-debuginfo-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-debuginfo-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-debugsource-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-devel-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-python-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libvirt-python-debuginfo-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libvirt-client-32bit-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libvirt-client-debuginfo-32bit-0.9.6-3.13.1") ) flag++; if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libvirt-devel-32bit-0.9.6-3.13.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-1375.NASL description An updated rhev-hypervisor6 package that fixes one security issue and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment offloading) were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service. (CVE-2012-3412) Red Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting this issue. This updated package provides updated components that include a fix for one security issue. This issue had no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fix included in this update addresses the following CVE number : CVE-2012-4423 (libvirt issue) This update also fixes the following bug : * A dependency issue was found between the rhev-hypervisor-tools and rhev-hypervisor6-tools packages. Every time a user with one of the -tools packages installed ran last seen 2020-06-01 modified 2020-06-02 plugin id 78938 published 2014-11-08 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78938 title RHEL 6 : rhev-hypervisor6 (RHSA-2012:1375) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:1375. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(78938); script_version("1.12"); script_cvs_date("Date: 2019/10/24 15:35:36"); script_cve_id("CVE-2012-3412"); script_bugtraq_id(54763); script_xref(name:"RHSA", value:"2012:1375"); script_name(english:"RHEL 6 : rhev-hypervisor6 (RHSA-2012:1375)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An updated rhev-hypervisor6 package that fixes one security issue and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment offloading) were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service. (CVE-2012-3412) Red Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting this issue. This updated package provides updated components that include a fix for one security issue. This issue had no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fix included in this update addresses the following CVE number : CVE-2012-4423 (libvirt issue) This update also fixes the following bug : * A dependency issue was found between the rhev-hypervisor-tools and rhev-hypervisor6-tools packages. Every time a user with one of the -tools packages installed ran 'yum update', the -tools package they had installed was removed and the other one installed. Even though rhev-hypervisor-tools obsoleted rhev-hypervisor6-tools, this update includes an updated rhev-hypervisor6-tools package that corrects this issue. Note that the package does not have meaningful content, is only here to fix the dependency issue, and may be removed by a future update. (BZ#855391) This update includes the ovirt-node build from RHBA-2012:1374 : https://rhn.redhat.com/errata/RHBA-2012-1374.html Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues." ); # https://rhn.redhat.com/errata/RHBA-2012-1374.html script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHBA-2012:1374" ); # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/5/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2be17ee0" ); # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?b5caa05f" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:1375" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2012-3412" ); script_set_attribute( attribute:"solution", value: "Update the affected rhev-hypervisor6 and / or rhev-hypervisor6-tools packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/03"); script_set_attribute(attribute:"patch_publication_date", value:"2012/10/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2012:1375"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", reference:"rhev-hypervisor6-6.3-20121012.0.el6_3")) flag++; if (rpm_check(release:"RHEL6", reference:"rhev-hypervisor6-tools-6.3-20121012.0.el6_3")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rhev-hypervisor6 / rhev-hypervisor6-tools"); } }
NASL family Fedora Local Security Checks NASL id FEDORA_2012-15640.NASL description - Rebased to version 0.9.6.3 - CVE-2012-4423 Fix null dereference (bz #857135, bz #857133) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-10-17 plugin id 62569 published 2012-10-17 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62569 title Fedora 16 : libvirt-0.9.6.3-1.fc16 (2012-15640) NASL family Scientific Linux Local Security Checks NASL id SL_20121011_LIBVIRT_ON_SL6_X.NASL description The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in libvirtd last seen 2020-03-18 modified 2012-10-12 plugin id 62506 published 2012-10-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62506 title Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20121011) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1708-1.NASL description Wenlong Huang discovered that libvirt incorrectly handled certain RPC calls. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-4423) Tingting Zheng discovered that libvirt incorrectly handled cleanup under certain error conditions. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-0170). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 64289 published 2013-01-30 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/64289 title Ubuntu 12.04 LTS / 12.10 : libvirt vulnerabilities (USN-1708-1) NASL family SuSE Local Security Checks NASL id SUSE_11_LIBVIRT-201211-121102.NASL description libvirt received security and bugfixes : - Fixed a libvirt remote denial of service (crash) problem. The following bugs have been fixed :. (CVE-2012-4423) - qemu: Fix probing for guest capabilities - xen-xm: Generate UUID if not specified - xenParseXM: don last seen 2020-06-05 modified 2013-01-25 plugin id 64201 published 2013-01-25 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64201 title SuSE 11.2 Security Update : libvirt (SAT Patch Number 7015) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-1359.NASL description Updated libvirt packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in libvirtd last seen 2020-06-01 modified 2020-06-02 plugin id 62520 published 2012-10-15 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62520 title CentOS 6 : libvirt (CESA-2012:1359) NASL family Fedora Local Security Checks NASL id FEDORA_2012-15634.NASL description - Rebased to version 0.9.11.6 - Fix LXC domain startup with selinux=disabled (bz #858104) - CVE-2012-4423 Fix null dereference (bz #857135, bz #857133) - dnsmasq: avoid forwarding queries without a domain (bz #849787) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-10-16 plugin id 62551 published 2012-10-16 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/62551 title Fedora 17 : libvirt-0.9.11.6-1.fc17 (2012-15634) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-1359.NASL description From Red Hat Security Advisory 2012:1359 : Updated libvirt packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in libvirtd last seen 2020-06-01 modified 2020-06-02 plugin id 68637 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68637 title Oracle Linux 6 : libvirt (ELSA-2012-1359) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-1359.NASL description Updated libvirt packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in libvirtd last seen 2020-06-01 modified 2020-06-02 plugin id 62505 published 2012-10-12 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62505 title RHEL 6 : libvirt (RHSA-2012:1359)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html
- http://rhn.redhat.com/errata/RHSA-2012-1359.html
- http://www.openwall.com/lists/oss-security/2012/09/13/14
- https://bugzilla.redhat.com/show_bug.cgi?id=857133
- http://www.securitytracker.com/id?1027649
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html
- http://www.securityfocus.com/bid/55541
- http://www.ubuntu.com/usn/USN-1708-1
- http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html
- http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a
- http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec