Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

libvirt: CVE-2014-0028

Related Vulnerabilities: CVE-2014-0028   CVE-2014-1447   CVE-2013-6457  

Source

Debian Bug report logs - #735676
libvirt: CVE-2014-0028

version graph

Package: libvirt; Maintainer for libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>;

Reported by: Moritz Muehlenhoff <jmm@inutil.org>

Date: Fri, 17 Jan 2014 11:54:01 UTC

Severity: important

Tags: security

Fixed in version libvirt/1.2.1-1

Done: Guido Günther <agx@sigxcpu.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#735676; Package libvirt. (Fri, 17 Jan 2014 11:54:06 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Fri, 17 Jan 2014 11:54:06 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libvirt: CVE-2014-0028
Date: Fri, 17 Jan 2014 12:42:19 +0100
Package: libvirt
Severity: important
Tags: security

This was assigned CVE-2014-0028:
https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html

oldstable/stable not affected.

Cheers,
        Moritz

Reply sent to Guido Günther <agx@sigxcpu.org>:
You have taken responsibility. (Fri, 17 Jan 2014 18:36:29 GMT) (full text, mbox, link).

Notification sent to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Fri, 17 Jan 2014 18:36:29 GMT) (full text, mbox, link).

Message #10 received at 735676-close@bugs.debian.org (full text, mbox, reply):

From: Guido Günther <agx@sigxcpu.org>
To: 735676-close@bugs.debian.org
Subject: Bug#735676: fixed in libvirt 1.2.1-1
Date: Fri, 17 Jan 2014 18:34:34 +0000
Source: libvirt
Source-Version: 1.2.1-1

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 735676@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther <agx@sigxcpu.org> (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 17 Jan 2014 06:16:29 +0100
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev libvirt-sanlock
Architecture: source i386 all
Version: 1.2.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>
Changed-By: Guido Günther <agx@sigxcpu.org>
Description: 
 libvirt-bin - programs for the libvirt library
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt-sanlock - library for interfacing with different virtualization systems
 libvirt0   - library for interfacing with different virtualization systems
 libvirt0-dbg - library for interfacing with different virtualization systems
Closes: 735676
Changes: 
 libvirt (1.2.1-1) unstable; urgency=medium
 .
   * Upload to unstable
   * [22e83d7] New upstream version 1.2.1.
     Fixes CVE-2014-0028, CVE-2014-1447, CVE-2013-6457
     (Closes: #735676)
Checksums-Sha1: 
 1b68d298a2ff71e23cc0cf0bb5a9045313d99906 2586 libvirt_1.2.1-1.dsc
 ea8e237e0df9f1828ff4a7a649c42aa45af7ecd7 27228694 libvirt_1.2.1.orig.tar.gz
 2019e90ef92c1ae8611fee1cf925fede961697e7 44218 libvirt_1.2.1-1.debian.tar.gz
 9149baf57173d857bc791323193b302785ab5044 3570636 libvirt-bin_1.2.1-1_i386.deb
 1b9fcbf840236ba7022a81ea52a77c3678b1450e 2518654 libvirt0_1.2.1-1_i386.deb
 049790f558e4b8937b662eec39f5c3ef8e407c10 7783324 libvirt0-dbg_1.2.1-1_i386.deb
 0ecd710c827bfce1d1fb1a43b852d7fff5483de0 2768956 libvirt-doc_1.2.1-1_all.deb
 255b57f2fbc0b3413413495a48d9bd76c8ddd7ec 1826464 libvirt-dev_1.2.1-1_i386.deb
 75abb399caa8e9764e8ea3b86be00cebb6f96d43 1759328 libvirt-sanlock_1.2.1-1_i386.deb
Checksums-Sha256: 
 15823f25790df6126be5a03ea34a6342e3d900ecd38b48bdc42405625d42b1d6 2586 libvirt_1.2.1-1.dsc
 bc29b5751bf36753c17e2fdbb75e70c7b07df3d9527586d3426e90f5f4abb898 27228694 libvirt_1.2.1.orig.tar.gz
 19318b63c9ecb1a3807531d2f2bc520c2fdab2581d32fcc4ec26cacc80bdd568 44218 libvirt_1.2.1-1.debian.tar.gz
 273c0917d082c6b26ecd84b895862640f354484c4dde10d5df4a19220c78f6d9 3570636 libvirt-bin_1.2.1-1_i386.deb
 d5ce55c095652f1b12b1a97300e7b997fa8905085591bf33043a9d78e53a4187 2518654 libvirt0_1.2.1-1_i386.deb
 1fda77bece795eaf01c85de17b9ed02cab381dba301fd9a2fe3df6ef71ae52b9 7783324 libvirt0-dbg_1.2.1-1_i386.deb
 8c3d2d59a1e4f9f390c13c6c8e973d7ea0366aa15c891b849bffe1cb8925e720 2768956 libvirt-doc_1.2.1-1_all.deb
 5ac7d242536eaf7d4c57ca8d12ba98e7768a3d942e4ac79521ceb2bb795fc4df 1826464 libvirt-dev_1.2.1-1_i386.deb
 f7885e476945afff4476d2d8b78fd235d3ccb4fa219c2bf0fdf0ce1871e3c715 1759328 libvirt-sanlock_1.2.1-1_i386.deb
Files: 
 a5da55ad46193a0b5c75bc484b207bb1 2586 libs optional libvirt_1.2.1-1.dsc
 cce374220f67895afb6331bd2ddedbfd 27228694 libs optional libvirt_1.2.1.orig.tar.gz
 d12b27762fa93b8ed99d921d31306f3d 44218 libs optional libvirt_1.2.1-1.debian.tar.gz
 d908b5135747d40eb02a7b20660481b3 3570636 admin optional libvirt-bin_1.2.1-1_i386.deb
 b4aed7e6724261c1e818752dc85de04d 2518654 libs optional libvirt0_1.2.1-1_i386.deb
 6b1a603d70e4cb7573f7b2f0ecfd5344 7783324 debug extra libvirt0-dbg_1.2.1-1_i386.deb
 7fb0a0a7e6f1f55d6a4804bfd98006b2 2768956 doc optional libvirt-doc_1.2.1-1_all.deb
 f5df41f613be2e2edaf9ee2b9baae93b 1826464 libdevel optional libvirt-dev_1.2.1-1_i386.deb
 c81daf1700ad2178d4d7ed97c956c93c 1759328 libs extra libvirt-sanlock_1.2.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iD8DBQFS2XTJn88szT8+ZCYRArVtAJ0RmQrMc2Q3m8CkyDbxS6AEgQgGIQCbBagr
5jIkMKNE4cPmYXf8XP9qefE=
=C5hR
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 20 Feb 2014 07:34:50 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 15:44:06 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started