FS#68562 : [libvirt] [Security] arbitrary code execution (CVE-2020-25637)

FS#68562 - [libvirt] [Security] arbitrary code execution (CVE-2020-25637)

Attached to Project: Community Packages
Opened by Norbert Cserpnyák (enpi) - Sunday, 08 November 2020, 08:39 GMT
Last edited by Morten Linderud (Foxboron) - Sunday, 08 November 2020, 14:43 GMT

Task Type	Bug Report
Category	Packages
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Norbert Cserpnyák (enpi) (2020-11-08)
Private	No

Details

Summary
=======

The package libvirt is vulnerable to arbitrary code execution via CVE-2020-25637.

Guidance
========

<give a short guidance for the maintainer.. what shall he/she do? include a patch? Just upgrade?>

References
==========

https://security.archlinux.org/AVG-1240
https://www.openwall.com/lists/oss-security/2020/10/02/1
https://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401
https://libvirt.org/git/?p=libvirt.git;a=commit;h=50864dcda191eb35732dbd80fb6ca251a6bba923
https://libvirt.org/git/?p=libvirt.git;a=commit;h=e4116eaa44cb366b59f7fe98f4b88d04c04970ad
https://libvirt.org/git/?p=libvirt.git;a=commit;h=a63b48c5ecef077bf0f909a85f453a605600cf05

This task depends upon

Closed by Morten Linderud (Foxboron)
Sunday, 08 November 2020, 14:43 GMT
Reason for closing: Not a bug

Comment by loqs (loqs) - Sunday, 08 November 2020, 12:34 GMT

~~FS#68058~~

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#68562 - [libvirt] [Security] arbitrary code execution (CVE-2020-25637)

Details

Loading...