Document changes and release 0.8.3-5+squeeze1
Guido Günther
13 years ago
0 | libvirt (0.8.3-5+squeeze1) stable-security; urgency=low | |
1 | ||
2 | * [0ee351f] [CVE-2011-1146] Add missing checks for read only connections. | |
3 | Some API forgot to check the read-only status of the connection for | |
4 | entry point which modify the state of the system or may lead to a remote | |
5 | execution using user data. | |
6 | The entry points concerned are: | |
7 | - virConnectDomainXMLToNative | |
8 | - virNodeDeviceDettach | |
9 | - virNodeDeviceReAttach | |
10 | - virNodeDeviceReset | |
11 | - virDomainRevertToSnapshot | |
12 | - virDomainSnapshotDelete | |
13 | src/libvirt.c: fix the above set of entry points to error on read-only | |
14 | (Closes: #617773) | |
15 | ||
16 | -- Guido Günther <agx@sigxcpu.org> Mon, 14 Mar 2011 21:33:33 +0100 | |
17 | ||
0 | 18 | libvirt (0.8.3-5+squeeze0) stable; urgency=low |
1 | 19 | |
2 | 20 | [ Laurent Léonard ] |