[libvirt] [PATCH 0/4] disallow multiple APIs on read-only connections
Ján Tomko
jtomko at redhat.com
Thu Jun 20 12:02:08 UTC 2019
One patch per CVE for:
CVE-2019-10161
CVE-2019-10166
CVE-2019-10167
CVE-2019-10168
Ján Tomko (4):
api: disallow virDomainSaveImageGetXMLDesc on read-only connections
api: disallow virDomainManagedSaveDefineXML on read-only connections
api: disallow virConnectGetDomainCapabilities on read-only connections
api: disallow virConnect*HypervisorCPU on read-only connections
src/libvirt-domain.c | 13 ++++---------
src/libvirt-host.c | 2 ++
src/qemu/qemu_driver.c | 2 +-
src/remote/remote_protocol.x | 3 +--
4 files changed, 8 insertions(+), 12 deletions(-)
Now pushed.
--
2.20.1
More information about the libvir-list
mailing list