[Secure-testing-team] Bug#708647: libvirt: CVE-2013-1962: DoS (max count of open files exhaustion) due sockets leak in the storage pool
Salvatore Bonaccorso
carnil at debian.org
Fri May 17 13:56:36 UTC 2013
Package: libvirt
Version: 1.0.5-2
Severity: grave
Tags: security upstream patch
Hi,
the following vulnerability was published for libvirt.
CVE-2013-1962[0]:
DoS (max count of open files exhaustion) due sockets leak in the storage pool
Upstream patch can be found at [1].
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1962
http://security-tracker.debian.org/tracker/CVE-2013-1962
[1] http://libvirt.org/git/?p=libvirt.git;a=commit;h=ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739
Only experimental version should be affected. Note, the serverity
grave might be a bit overrated in this case, so if you do not agree
please downgrade to important.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list