control: -1 +pending Hi, On Fri, May 03, 2024 at 09:10:23PM +0200, Salvatore Bonaccorso wrote: > Source: libvirt > Version: 10.2.0-1 > Severity: important > Tags: security upstream > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > > Hi, > > The following vulnerability was published for libvirt. > > CVE-2024-4418[0]: > | stack use-after-free in virNetClientIOEventLoop() > > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
See https://salsa.debian.org/libvirt-team/libvirt/-/merge_requests/220 Cheers, -- Guido > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2024-4418 > https://www.cve.org/CVERecord?id=CVE-2024-4418 > [1] https://bugzilla.redhat.com/show_bug.cgi?id=2278616 > [2] > https://gitlab.com/libvirt/libvirt/-/commit/8074d64dc2eca846d6a61efe1a9b7428a0ce1dd1 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore > > _______________________________________________ > Pkg-libvirt-maintainers mailing list > pkg-libvirt-maintain...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-libvirt-maintainers >