[libvirt] [PATCH] daemon: fix leak after listing all volumes
Eric Blake
eblake at redhat.com
Thu May 16 14:06:25 UTC 2013
On 05/16/2013 08:03 AM, Ján Tomko wrote:
> CVE-2013-1962
>
> remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
> The pool also held a reference to the connection, preventing it from
> getting freed and closing the netcf interface driver, which held two
> sockets open.
> ---
> daemon/remote.c | 2 ++
> 1 file changed, 2 insertions(+)
ACK. Embargo expired today; let's get this backported to v0.10.2-maint
and beyond so we can cut new maintenance releases on the affected branch
and make it easier for distros to ensure they have this CVE plugged.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130516/837cf6e1/attachment-0001.sig>
More information about the libvir-list
mailing list