New Debian libvirt 3.0.0-4+deb9u4A~4.3.4.201906241341 fixes: This update addresses the following issues: * arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)
*** This bug has been marked as a duplicate of bug 49717 ***