ROSA Linux Bugzilla – Bug 1521
[UPDATE REQUEST] [UPSTREAM UPDATE] libvirt
Last modified: 2013-02-08 18:39:14 MSK
Updated libvirt from RHEL6 upstream.
A flaw was found in the way libvirtd handled connection cleanup (when a
connection was being closed) under certain error conditions. A remote
attacker able to establish a read-only connection to libvirtd could use
this flaw to crash libvirtd or, potentially, execute arbitrary code with
the privileges of the root user. (CVE-2013-0170)
Sorry, I've already published it. My mistake.
Please let me know if something wrong with this update, then I'll do roll-back.