[SECURITY] [DLA 1315-1] libvirt security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : libvirt
Version : 0.9.12.3-1+deb7u3
CVE ID : CVE-2018-1064 CVE-2018-5748
Debian Bug : 887700
Daniel P. Berrange and Peter Krempa of Red Hat discovered a flaw in
libvirt, a virtualization API. A lack of restriction for the amount of
data read by QEMU Monitor socket can lead to a denial of service by
exhaustion of memory resources.
For Debian 7 "Wheezy", these problems have been fixed in version
0.9.12.3-1+deb7u3.
We recommend that you upgrade your libvirt packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq2e89fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQrWw//YvHnxjcWM7ajvyf1OUWPdc1mpAEgI9RB2GBEiPDY8Ysmj6wfW8spvqdD
llNBxj9tRtVS7nk82j4J6bEJp2iPV/abs8mNIMVimhGdOeUDJfRGFbcF+Qx9AHN1
E85P141f//kQK7qF4WyJLLnHqMH26byq3218HYOi/EVqfPL81zefvRjJP2NkFbuN
AkaK/1OBK+gV54v4s8CSQawUbbYJz7SY30t+yIGehpIfrxG0k4dLNUfebnpFlJgO
2WRPbnz/FPb2gGmdDqx1i8vk0zvFYg7EwQchfsrN8JSQO6/TA/0LC0weghdCLUt3
Y5QkgLxJWK9TVGZ0ZZAJIvTj1Y/B/jCPPvrYchwYhytlzfKI5ZbCp8ugBpQbqOV1
wONIdpJxSu2hBE0O8Fm/OpEVUKcO7QOMj1mAyfSBtFKCkKcJkjzRISxQ5WFhSA4/
8kf43cHgkGJXftP2eEepmNeGf0moA5IKV/SROlHtch1ZVqcj+2WyG05RMXKWSn5V
l8cs8U8xZW70oqguLEHixWxkPZ0RIBHSEqRyoO+ISXg/L/fsMXlU1E8Z2OTgBi3T
PmCX1TirJhLGHiyIuZdGNASAT2r80vm/4Byp5+aYVQavwBRO5BKfQkGk3T6mOsvx
cSVa9gX1nlpShf6n9GsO7HJR076a/Du+ccI16FJ5ifyjOrR53bU=
=Kqni
-----END PGP SIGNATURE-----
Reply to: