6818 – libguestfs new security issue CVE-2012-2690

Bug 6818 - libguestfs new security issue CVE-2012-2690

Summary: libguestfs new security issue CVE-2012-2690

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-07-18 12:35 CEST by David Walser
Modified:	2012-08-15 01:07 CEST (History)
CC List:	1 user (show)

See Also:
Source RPM:	libguestfs-1.5.21-1.mga1.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2012-07-18 12:35:09 CEST

RedHat has issued an advisory on June 20:
https://rhn.redhat.com/errata/RHSA-2012-0774.html

Mageia 1 and Mageia 2 are also affected.

It's fixed upstream in 1.18.0 and there's a link to a patch in RH bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=831117

David Walser 2012-07-18 12:35:34 CEST

CC: (none) => saispo

Comment 1 David Walser 2012-08-15 00:06:42 CEST

There is also CVE-2010-3851:
http://lwn.net/Vulnerabilities/413075/

Comment 2 David Walser 2012-08-15 01:07:10 CEST

This was in SVN, but never built.  I moved it to obsolete.

Status: NEW => RESOLVED
Resolution: (none) => WONTFIX

Note You need to log in before you can comment on or make changes to this bug.