Summary: | <app-emulation/libvirt-6.1.0: Denial of service via memory leak in domstats command (CVE-2020-12430) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | tamiko, virtualization |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=711524 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 718094 | ||
Bug Blocks: |
Description
Sam James
2020-04-28 20:51:22 UTC
@maintainer(s), please advise if ready for stabilisation, or call yourself. @maintainer(s), please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=501ec32e4825e536fe36c691dfc01d9a2346276a commit 501ec32e4825e536fe36c691dfc01d9a2346276a Author: Marek Szuba <marecki@gentoo.org> AuthorDate: 2020-07-21 17:25:04 +0000 Commit: Marek Szuba <marecki@gentoo.org> CommitDate: 2020-07-21 18:10:40 +0000 app-emulation/libvirt: remove old Includes versions vulnerable to CVE-2020-12430. Approved by tamiko on IRC. Bug: https://bugs.gentoo.org/719962 Signed-off-by: Marek Szuba <marecki@gentoo.org> app-emulation/libvirt/Manifest | 2 - ...irt-1.2.16-fix_paths_in_libvirt-guests_sh.patch | 19 -- .../libvirt-5.2.0-fix-paths-for-apparmor.patch | 116 ------- ...d-the-agent-job-in-qemuDomainSetTimeAgent.patch | 39 --- app-emulation/libvirt/files/libvirtd.init-r18 | 33 -- app-emulation/libvirt/files/virtlockd.init-r1 | 23 -- app-emulation/libvirt/files/virtlogd.init-r1 | 23 -- app-emulation/libvirt/libvirt-6.0.0-r3.ebuild | 360 --------------------- app-emulation/libvirt/libvirt-6.1.0-r1.ebuild | 358 -------------------- app-emulation/libvirt/metadata.xml | 3 - 10 files changed, 976 deletions(-) |