[libvirt] [PATCH] daemon: fix leak after listing all volumes
Ján Tomko
jtomko at redhat.com
Thu May 16 14:09:03 UTC 2013
On 05/16/2013 04:06 PM, Eric Blake wrote:
> On 05/16/2013 08:03 AM, Ján Tomko wrote:
>> CVE-2013-1962
>>
>> remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
>> The pool also held a reference to the connection, preventing it from
>> getting freed and closing the netcf interface driver, which held two
>> sockets open.
>> ---
>> daemon/remote.c | 2 ++
>> 1 file changed, 2 insertions(+)
>
> ACK. Embargo expired today; let's get this backported to v0.10.2-maint
> and beyond so we can cut new maintenance releases on the affected branch
> and make it easier for distros to ensure they have this CVE plugged.
>
Thanks, I've pushed it to master and all the maint branches from v0.10.2.
Jan
More information about the libvir-list
mailing list