Bug#687598: marked as done (libvirt: CVE-2012-4423)

[Debian Bug Tracking System]

Your message dated Fri, 14 Sep 2012 21:17:56 +0000
with message-id <e1tcdgu-0001hm...@franck.debian.org>
and subject line Bug#687598: fixed in libvirt 0.9.12-5
has caused the Debian Bug report #687598,
regarding libvirt: CVE-2012-4423
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
687598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687598
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: libvirt
Severity: grave
Tags: security
Justification: user security hole

This has been assigned CVE-2012-4423:
https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: libvirt
Source-Version: 0.9.12-5

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 687...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther <a...@sigxcpu.org> (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 14 Sep 2012 22:35:08 +0200
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt
Architecture: source all i386
Version: 0.9.12-5
Distribution: unstable
Urgency: high
Maintainer: Debian Libvirt Maintainers 
<pkg-libvirt-maintain...@lists.alioth.debian.org>
Changed-By: Guido Günther <a...@sigxcpu.org>
Description: 
 libvirt-bin - programs for the libvirt library
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt0   - library for interfacing with different virtualization systems
 libvirt0-dbg - library for interfacing with different virtualization systems
 python-libvirt - libvirt Python bindings
Closes: 687598
Changes: 
 libvirt (0.9.12-5) unstable; urgency=high
 .
   * Setting urgency to high since it's a security only fix
   * [c0f4995] New patch security-Fix-libvirtd-crash-possibility.patch.
     Fix libvirtd crash possibility (CVE-2012-4423)
     Thanks to Martin Kletzander (Closes: #687598)
Checksums-Sha1: 
 e23a6c39a628d7cd6bb23b240a1403949e08c2ed 2276 libvirt_0.9.12-5.dsc
 345ef89809d95487151948f27364ce9fb9a76d78 36917 libvirt_0.9.12-5.debian.tar.gz
 b57b4ec59c63d1423c2bf843032335fb7d2186f1 2173792 libvirt-doc_0.9.12-5_all.deb
 7fc4ceba018facd1a86cc9e5872205b598675fea 2333308 libvirt-bin_0.9.12-5_i386.deb
 75b4f749e82ca26614624dbd158048dbc5799fbd 2122112 libvirt0_0.9.12-5_i386.deb
 f6b87e0dcc492407d3f8e8ab9785f5f6ba6bf978 7473766 libvirt0-dbg_0.9.12-5_i386.deb
 f201b3be1187f448dbae121820b4e0d9c8546148 2503194 libvirt-dev_0.9.12-5_i386.deb
 9ee0152d23950405b63efa2f9c0d2cc343942c14 1420456 
python-libvirt_0.9.12-5_i386.deb
Checksums-Sha256: 
 33dc630df824ca118c9817c7379a51445e2a881451188363e3bb1a6f3697bcb8 2276 
libvirt_0.9.12-5.dsc
 2491abb168e0b7f743a65bc935d9613e85286eede59ce8843c84776633e104f4 36917 
libvirt_0.9.12-5.debian.tar.gz
 fa55f628c3b87fe1be4b1ba2d08337239832840612e8181b5498eb705336a594 2173792 
libvirt-doc_0.9.12-5_all.deb
 81751ef7a275594b889acb9f0af1a8332c0476921cb6e01d6600d33c9555fb38 2333308 
libvirt-bin_0.9.12-5_i386.deb
 1b1482682b6d5d32c7b33c4a4905ab0b4c70493662c718652ecdee86372a3ea6 2122112 
libvirt0_0.9.12-5_i386.deb
 cd93e25d5204fb0d1d22ddfe2b4eb6e6c19e8d4cbb23c82b10104d424ad6cbcc 7473766 
libvirt0-dbg_0.9.12-5_i386.deb
 da959529cfd3fa1bbe936597aac5d17849e6bfa39cacba6cd77e23e9e8d7d473 2503194 
libvirt-dev_0.9.12-5_i386.deb
 33443b1ce9791136dc62f009e3757bf0e54f4f2b187fe2765824b7f65c33fd60 1420456 
python-libvirt_0.9.12-5_i386.deb
Files: 
 83a70b0cd02c0a72718c0099c60b452c 2276 libs optional libvirt_0.9.12-5.dsc
 0453e25ba3934182887626a21660cad3 36917 libs optional 
libvirt_0.9.12-5.debian.tar.gz
 18859ac5d8f82efa079e80ed6843df22 2173792 doc optional 
libvirt-doc_0.9.12-5_all.deb
 da7e3dc2c5d994c3c9c7754f68f87acd 2333308 admin optional 
libvirt-bin_0.9.12-5_i386.deb
 debbfeedb3fda8db1cf5ef2c22290494 2122112 libs optional 
libvirt0_0.9.12-5_i386.deb
 2b5bdc4a693fa0014a37a5ad6037adb5 7473766 debug extra 
libvirt0-dbg_0.9.12-5_i386.deb
 dd1988d629fdb92260a40105277407df 2503194 libdevel optional 
libvirt-dev_0.9.12-5_i386.deb
 d12e182dab4650298a67b900afaba311 1420456 python optional 
python-libvirt_0.9.12-5_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFQU5rQn88szT8+ZCYRAgx3AJ0cDei+OyJxKxF+8WNqL94oXlXbJACcDKS0
01iAEq2d440/kzUM3jzCuVE=
=qQ1m
-----END PGP SIGNATURE-----

--- End Message ---