On 08/05/2013 10:39 AM, Jim Fehlig wrote: > Commit 632180d1 introduced memory corruption in xenDaemonListDefinedDomains > by starting to populate the names array at index -1, causing all sorts > of havoc in libvirtd such as aborts like the following > > *** Error in `/usr/sbin/libvirtd': double free or corruption (out): 0x00007fffe00ccf20 *** This has been assigned CVE-2013-4239 (a read-only client can crash or otherwise interfere with read-write clients). v1.1.1 is the only impacted release, and only if you compiled with xen support; and v1.1.1-maint already includes the backport of this patch. Thanks again for a quick fix. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list