On 05/16/2013 08:03 AM, Ján Tomko wrote: > CVE-2013-1962 > > remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool. > The pool also held a reference to the connection, preventing it from > getting freed and closing the netcf interface driver, which held two > sockets open. > --- > daemon/remote.c | 2 ++ > 1 file changed, 2 insertions(+) ACK. Embargo expired today; let's get this backported to v0.10.2-maint and beyond so we can cut new maintenance releases on the affected branch and make it easier for distros to ensure they have this CVE plugged. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list