26 matches found
SUSE: Security Advisory (SUSE-SU-2014:0785-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for libvirt FEDORA-2015-1883
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2366-1] libvirt vulnerabilities
========================================================================== Ubuntu Security Notice USN-2366-1 September 30, 2014 libvirt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2366-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2366-1 advisory. Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker...
Debian: Security Advisory (DSA-3038-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3038-1] libvirt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3038-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 27, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3038-1] libvirt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3038-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 27, 2014 http://www.debian.org/security/faq -...
CVE-2014-0179
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service read block and hang via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the 1 virConnectCompareCPU or 2 virConnectBaselineCPU API method, relate...
CVE-2014-0179
Libvirt vulnerability CVE-2014-0179 affects libvirt 0.7.5 through 1.2.x before 1.2.5. A crafted XML document containing an XML External Entity declaration with an entity reference to the virConnectCompareCPU or virConnectBaselineCPU API can be parsed due to XML_PARSE_NOENT behavior, allowing loca...
CVE-2014-0179
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service read block and hang via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the 1 virConnectCompareCPU or 2 virConnectBaselineCPU API method, relate...
RHEL 7 : libvirt (RHSA-2014:0914)
Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RedHat Update for libvirt RHSA-2014:0914-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : libvirt (ELSA-2014-0914)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0914 advisory. - LSN-2014-0003: Don't expand entities when parsing XML CVE-2014-0179 Tenable has extracted the preceding description block directly from the Oracle Linux...
libvirt security and bug fix update
1.1.1-29.0.1.el70.1 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.1 - LSN-2014-0003: Don't expand entities when parsing XML CVE-2014-0179 - virNetClientSetTLSSession: Restore original signal mask rhbz1112689 - Don't use AIADDRCONFIG when binding to wildcard addresses rhbz1112692...
openSUSE Security Update : libvirt (openSUSE-SU-2014:0674-1)
This update fixes the following issues with libvirt : - bnc875694: Fix migration with QEMU 1.6. QEMU 1.6.0 introduced new migration status: setup. Libvirt does not expect such string in QMP and refuses to migrate with error 'unexpected migration status in setup' - Patch to prevent expansion of...
openSUSE Security Update : libvirt (openSUSE-SU-2014:0650-1)
libvirt was patched to prevent expansion of entities when parsing XML files. This vulnerability allowed malicious users to read arbitrary files or cause a denial of service CVE-2014-0179. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Important: Red Hat Security Advisory: rhev-hypervisor6 security update
An updated rhev-hypervisor6 package that fixes two security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...
[ MDVSA-2014:097 ] libvirt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:097 http://www.mandriva.com/en/support/security/ Package : libvirt Date : May 16, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in libvirt...
Updated libvirt packages fix multiple vulnerabilities
Updated libvirt packages fix security vulnerabilities: The LXC driver lxc/lxcdriver.c in libvirt 1.0.1 through 1.2.1 allows local users to 1 delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; 2 create arbitrary nodes mknod via the...
CentOS 6 : libvirt (CESA-2014:0560)
Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...