On Thu, Jun 12, 2014 at 08:24:42AM +0200, Boehme, Alfred wrote: > Hello, > > There is a vulnerability described in the gnuTLS library which is used in libvirt: > > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 > > > We are using libvirt 0.8.7 on Windows so my question is: > Is there already a windows version with a newer gnuTLS library > which has a fix for the mentioned vulnerability? If you're using libvirt 0.8.7 you've got far more than just the gnutls vuln to worry about - that's a libvirt more than 3 years old now. I'd suggest your upgrade everything to something modern. Any recent libvirt is capable of being built for Windows using the Mingw64 toolchain. We don't provide official builds ourself but you can get Fedora Mingw64 packages for libvirt & everything it depends on. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
