Libvirt is vulnerable to an automake security hole; anyone that runs 'make distcheck' on any existing libvirt release tarball risks a local exploit that can take advantage of world-writable permissions to inject the operation of attacker-controlled code under the capabilities of the developer testing the package. This security hole can be mitigated by either avoiding the use of 'make distcheck', or by setting a restrictive umask (such as 022) before running 'make distcheck'. Since few people beyond developers tend to run 'make distcheck', I'm not too worried about pushing out a new libvirt tarball any sooner than the regular release cycle. But we should definitely upgrade to the latest gnulib (it adds a syntax check to validate whether the vulnerability still exists), and ensure that the release of libvirt 0.10.0, as well as the next maintenance releases of v0.9.{6,11}-maint, have been built with patched automake. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org