Re: [libvirt] [PATCH] daemon: fix leak after listing all volumes
On 05/16/2013 08:03 AM, Ján Tomko wrote:
CVE-2013-1962
remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
The pool also held a reference to the connection, preventing it from
getting freed and closing the netcf interface driver, which held two
sockets open.
---
daemon/remote.c | 2 ++
1 file changed, 2 insertions(+)
ACK. Embargo expired today; let's get this backported to v0.10.2-maint
and beyond so we can cut new maintenance releases on the affected branch
and make it easier for distros to ensure they have this CVE plugged.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 621 bytes)