[Secure-testing-team] Bug#633630: CVE-2011-2511 libvirt: integer overflow in VirDomainGetVcpus
Salvatore Bonaccorso
carnil at debian.org
Tue Jul 12 10:29:14 UTC 2011
Source: libvirt
Version: 0.9.2
Severity: important
Tags: security
Hi Guido
In [1] (CVE-2011-2511) an integer overflow in VirDomainGetVcpus for
libvirt is mentioned. This is fixed in new upstream 0.9.3. Here [2] is
the patch applied by upstream. Can/should there be an update to for
stable (if affected?).
[1] http://www.securityfocus.com/bid/48478/info
[2] https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html
[3] http://security-tracker.debian.org/CVE-2011-2511
Regards
Salvatore
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
More information about the Secure-testing-team
mailing list