From https://bugzilla.redhat.com/1809740 :
A flaw was found in the way Libvirtd daemon issued the 'suspend' command to a
QEMU guest-agent running inside a guest. It holds a monitor job while issuing
the 'suspend' command to a guest-agent. A malicious guest-agent may use this
flaw to block the Libvirt daemon indefinitely resulting in a DoS scenario.
@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Arches, please stabilize libvirt 6.0.0-r1
Maintainer(s), please cleanup.
Security, please vote.
*** Bug 713334 has been marked as a duplicate of this bug. ***
commit a555f5f3ce98327315d3c8fac20239b510a1a281 (HEAD -> master, origin/master, origin/HEAD)
Author: Matthias Maier <firstname.lastname@example.org>
Date: Wed Mar 18 22:37:13 2020 -0500
app-emulation/libvirt: drop old, bug #711524
Package-Manager: Portage-2.3.94, Repoman-2.3.21
Signed-off-by: Matthias Maier <email@example.com>
Unable to check for sanity:
> no match for package: app-emulation/libvirt-6.0.0-r1
@security: Please vote.