FS#68562 - [libvirt] [Security] arbitrary code execution (CVE-2020-25637)
Attached to Project:
Community Packages
Opened by Norbert Cserpnyák (enpi) - Sunday, 08 November 2020, 08:39 GMT
Last edited by Morten Linderud (Foxboron) - Sunday, 08 November 2020, 14:43 GMT
Opened by Norbert Cserpnyák (enpi) - Sunday, 08 November 2020, 08:39 GMT
Last edited by Morten Linderud (Foxboron) - Sunday, 08 November 2020, 14:43 GMT
|
Details
Summary
======= The package libvirt is vulnerable to arbitrary code execution via CVE-2020-25637. Guidance ======== <give a short guidance for the maintainer.. what shall he/she do? include a patch? Just upgrade?> References ========== https://security.archlinux.org/AVG-1240 https://www.openwall.com/lists/oss-security/2020/10/02/1 https://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401 https://libvirt.org/git/?p=libvirt.git;a=commit;h=50864dcda191eb35732dbd80fb6ca251a6bba923 https://libvirt.org/git/?p=libvirt.git;a=commit;h=e4116eaa44cb366b59f7fe98f4b88d04c04970ad https://libvirt.org/git/?p=libvirt.git;a=commit;h=a63b48c5ecef077bf0f909a85f453a605600cf05 |
This task depends upon
Closed by Morten Linderud (Foxboron)
Sunday, 08 November 2020, 14:43 GMT
Reason for closing: Not a bug
Sunday, 08 November 2020, 14:43 GMT
Reason for closing: Not a bug
FS#68058