Document changes and release 0.8.3-5+squeeze1
Guido Günther
13 years ago
| 0 | libvirt (0.8.3-5+squeeze1) stable-security; urgency=low | |
| 1 | ||
| 2 | * [0ee351f] [CVE-2011-1146] Add missing checks for read only connections. | |
| 3 | Some API forgot to check the read-only status of the connection for | |
| 4 | entry point which modify the state of the system or may lead to a remote | |
| 5 | execution using user data. | |
| 6 | The entry points concerned are: | |
| 7 | - virConnectDomainXMLToNative | |
| 8 | - virNodeDeviceDettach | |
| 9 | - virNodeDeviceReAttach | |
| 10 | - virNodeDeviceReset | |
| 11 | - virDomainRevertToSnapshot | |
| 12 | - virDomainSnapshotDelete | |
| 13 | src/libvirt.c: fix the above set of entry points to error on read-only | |
| 14 | (Closes: #617773) | |
| 15 | ||
| 16 | -- Guido Günther <agx@sigxcpu.org> Mon, 14 Mar 2011 21:33:33 +0100 | |
| 17 | ||
| 0 | 18 | libvirt (0.8.3-5+squeeze0) stable; urgency=low |
| 1 | 19 | |
| 2 | 20 | [ Laurent Léonard ] |