Univention Bugzilla – Full Text Bug Listing |
Summary: | libvirt: Multiple issues (4.3) | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | Security updates | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | ||
Priority: | P3 | CC: | requate |
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-0-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 4.2 (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L) |
Description
Philipp Hahn
2018-03-15 15:25:26 CET
[4.3-0] e88703a480 Bug #46676: libvirt_3.0.0-4+deb9u3A~4.3.0.201803150704 Imported from Debian-Stretch, Patches merged automatically, rebuild --- mirror/ftp/4.3/unmaintained/4.3-0/source/libvirt_3.0.0-4+deb9u1A~4.3.0.201711231149.dsc +++ apt/ucs_4.3-0-errata4.3-0/source/libvirt_3.0.0-4+deb9u3A~4.3.0.201803150704.dsc @@ -1,4 +1,4 @@ -3.0.0-4+deb9u1A~4.3.0.201711231149 [Thu, 23 Nov 2017 11:54:21 +0100] Univention builddaemon <buildd@univention.de>: +3.0.0-4+deb9u3A~4.3.0.201803150704 [Thu, 15 Mar 2018 15:20:21 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 0001-Bug-35768-Bug-39685-Remove-UCS-dependencies @@ -10,6 +10,20 @@ 0025-Bug-40318-libvirt-Handle-qemu-kvm-1.1.2-migration-in 0026-Bug-21501-add-slash-screen-support +3.0.0-4+deb9u3 [Mon, 12 Mar 2018 19:11:51 +0100] Guido Günther <agx@sigxcpu.org>: + + * gbp: switch branch to stretch + * CVE-2018-1064: qemu: avoid denial of service reading from QEMU guest agent + * CVE-2018-6764: virlog: determine the hostname on startup + (Closes: #889839) + +3.0.0-4+deb9u2 [Sat, 20 Jan 2018 17:51:39 +0100] Guido Günther <agx@sigxcpu.org>: + + * CVE-2018-5748: qemu: avoid denial of service reading from QEMU monitor + (Closes: #887700) + * qemu: shared disks with cache=directsync should be safe for migration. + Thanks to Carsten Burkhardt (Closes: #883208) + 3.0.0-4+deb9u1 [Mon, 16 Oct 2017 22:48:55 +0200] Guido Günther <agx@sigxcpu.org>: * CVE-2017-1000256: qemu: ensure TLS clients always verify the server * UCS specific patches merged and applied during built * Comparison to previously shipped version ok * Binary package update Ok * Advisory: CVE-2018-5748 missing? (In reply to Arvid Requate from comment #3) > * Advisory: CVE-2018-5748 missing? Yes, added: [4.3-0] 89aab99e5b Bug #46676: libvirt 3.0.0-4+deb9u3 YAML fix doc/errata/staging/libvirt.yaml | 2 ++ 1 file changed, 2 insertions(+) |