-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Jul 2024 21:35:28 +0200 Source: libvirt Architecture: source Version: 7.0.0-3+deb11u3 Distribution: bullseye Urgency: medium Maintainer: Debian Libvirt Maintainers Changed-By: Guilhem Moulin Closes: 990709 991594 1002535 1009075 1066058 1067461 Changes: libvirt (7.0.0-3+deb11u3) bullseye; urgency=medium . * Non-maintainer upload. * Fix CVE-2021-3631: SELinux MCS may be accessed by another machine. (Closes: #990709) * Fix CVE-2021-3667: Improper locking in the virStoragePoolLookupByTargetPath API. (Closes: #991594) * Fix CVE-2021-3975: Use-after-free vulnerability. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. * Fix CVE-2021-4147: Deadlock and crash in libxl driver. (Closes: #1002535) * libxl: Fix regression in domain shutdown. * Fix CVE-2022-0897: Missing locking in nwfilterConnectNumOfNWFilters. (Closes: #1009075) * Fix CVE-2024-1441: Off-by-one error in the udevListInterfacesByStatus() function. (Closes: #1066058) * Fix CVE-2024-2494: Missing check for negative array lengths in RPC server de-serialization routines. (Closes: #1067461) * Fix CVE-2024-2496: NULL pointer dereference in the udevConnectListAllInterfaces() function. Checksums-Sha1: 49201ecc0c3a396da145dddcc99df118454ecfea 5657 libvirt_7.0.0-3+deb11u3.dsc f1d332afd2e60ddc3a2ba1468b1d163b8c87519d 95084 libvirt_7.0.0-3+deb11u3.debian.tar.xz aa41d7bc4d30f0c348e36406f386ea6eab1f78df 26389 libvirt_7.0.0-3+deb11u3_amd64.buildinfo Checksums-Sha256: f82e170c9d231cb4ac691ba77be252538fef10e14b69f4a638f94cff480a8646 5657 libvirt_7.0.0-3+deb11u3.dsc 02d521ea49c54343ed52632f095c9fece300274b25d69dbda742bd7678109dac 95084 libvirt_7.0.0-3+deb11u3.debian.tar.xz 8abb49de2d3676cff87d7c82c4c28b887440f290ed84cee531c9ea2b2e7fc451 26389 libvirt_7.0.0-3+deb11u3_amd64.buildinfo Files: 218e555b41dd4e53cfdc615a04bcb561 5657 libs optional libvirt_7.0.0-3+deb11u3.dsc 9b575e56921ad7c7a086c8abc865d2d7 95084 libs optional libvirt_7.0.0-3+deb11u3.debian.tar.xz 21fa5ad3134d2052300694f7ceda1cb2 26389 libs optional libvirt_7.0.0-3+deb11u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmapQXwACgkQ05pJnDwh pVKZIRAAxfMA19zNfqKRXsk69gEejaXIDW8hqwVJexc6d7KcV/UVrn5jQrTpPDoC uIDJ2hvbgo2XYfObkOHEE/0VTtnqMKi0Xl7JjAiNe9h64O4NCkMiPwhC0u/yI/2R Sn/jfUZyzS6IgNDBqkPdmmC5otWXzIC8wDTuZxdQxPI9JTDSW47QFcYJig23WvyL 1GfDB9G+P+1PoTtXsipIUYRwmUUDdf78LTDGnqkFBWFz0LAFzHZKzQa9hwG8QcI0 sHif+kdlsBlamVUVrFnu9tLgR3sM6j2CrerRZt9Aatd81Z0euK0XzHujoTGTa3Dv CZm3z55cBNTulcedJbOl9UfFTJe/wKJHdjgLkmly4/j4rIPSB6eoj7VyJUv6lBhi bGq22yxr+7kPi4GgoV97KFJPoinx5hieGWmaZezpduP/MJSIxfG6KHdKFsgXCtw+ W5zDOL7nB1RALrC2ZuMRp9GrN7kLd0P/dg0R7xbebiew2sR/2mjOIDUUiptTLCsm q7qgNNBVgetzqUrEufRrZSnwT8HqFcmzV7bTFgQSvq0w2Oi/aeIT1Ua/d6E2jo1t NjFALtYCAtXvEBiRc0kbsehnpGQFNqGYL/dYfXqFzyOa+Ittt0BUWFh0YD4ye4gq wK+f/GrfRcPUzNc6ZD7I05ym9bgkFXLaSMPKPhu9JPCTNnM/iGg= =B7Ny -----END PGP SIGNATURE-----