render / rpms / libvirt

Forked from rpms/libvirt 9 months ago
Clone
Source Code
GIT

a2479f libvirt-5.4.0-2.fc31

Authored and Committed by crobinso 5 years ago
raw patch tree parent
5 files changed. 210 lines added. 1 lines removed.
0001-api-disallow-virDomainSaveImageGetXMLDesc-on-read-on.patch
file added
+81
0002-api-disallow-virDomainManagedSaveDefineXML-on-read-o.patch
file added
+33
0003-api-disallow-virConnectGetDomainCapabilities-on-read.patch
file added
+31
0004-api-disallow-virConnect-HypervisorCPU-on-read-only-c.patch
file added
+39
libvirt.spec
file modified
+26 -1 
    libvirt-5.4.0-2.fc31
    
    CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115)
    CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114)
    CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117)
    CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118)
file added
+81
file added
+33
file added
+31
file added
+39
file modified
+26 -1

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation