Univention Bugzilla – Bug 49716
libvirt: Multiple issues (4.3)
Last modified: 2019-06-25 09:36:13 CEST
New Debian libvirt 3.0.0-4+deb9u4A~4.3.4.201906241341 fixes: This update addresses the following issues: * arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)
*** This bug has been marked as a duplicate of bug 49717 ***