Test ID:	1.3.6.1.4.1.25623.1.0.121290
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201412-04
Summary:	Gentoo Linux Local Security Checks GLSA 201412-04
Description:	Summary: Gentoo Linux Local Security Checks GLSA 201412-04 Vulnerability Insight: Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Solution: Update the affected packages to the latest available version. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4292 60895 http://secunia.com/advisories/60895 GLSA-201412-04 http://security.gentoo.org/glsa/glsa-201412-04.xml [libvirt] 20130829 [PATCH 01/12] Add bounds checking on virDomainMigrate*Params RPC calls (CVE-2013-4292) http://www.mail-archive.com/libvir-list%40redhat.com/msg83332.html http://libvirt.org/news.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4296 DSA-2764 http://www.debian.org/security/2013/dsa-2764 RHSA-2013:1272 http://rhn.redhat.com/errata/RHSA-2013-1272.html RHSA-2013:1460 http://rhn.redhat.com/errata/RHSA-2013-1460.html USN-1954-1 http://www.ubuntu.com/usn/USN-1954-1 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0 http://wiki.libvirt.org/page/Maintenance_Releases https://bugzilla.redhat.com/show_bug.cgi?id=1006173 openSUSE-SU-2013:1549 http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html openSUSE-SU-2013:1550 http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4297 http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=2dba0323ff0cec31bdcea9dd3b2428af297401f2 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4297 Common Vulnerability Exposure (CVE) ID: CVE-2013-4399 BugTraq ID: 62972 http://www.securityfocus.com/bid/62972 Common Vulnerability Exposure (CVE) ID: CVE-2013-4400 FEDORA-2013-20869 http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.html http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=3e2f27e13b94f7302ad948bcacb5e02c859a25fc http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=8c3586ea755c40d5e01b22cb7b5c1e668cdec994 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7fcc799ad5d8f3e55b89b94e599903e3c092467 https://bugzilla.redhat.com/show_bug.cgi?id=1015228 Common Vulnerability Exposure (CVE) ID: CVE-2013-4401 1029241 http://www.securitytracker.com/id/1029241 55210 http://secunia.com/advisories/55210 USN-2026-1 http://www.ubuntu.com/usn/USN-2026-1 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c https://bugzilla.redhat.com/show_bug.cgi?id=1015259 Common Vulnerability Exposure (CVE) ID: CVE-2013-5651 http://www.openwall.com/lists/oss-security/2013/08/30/1 SuSE Security Announcement: openSUSE-SU-2013:1550 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2013-6436 101485 http://osvdb.org/101485 56245 http://secunia.com/advisories/56245 USN-2093-1 http://www.ubuntu.com/usn/USN-2093-1 [libvirt] 20131220 SECURITY: CVE-2013-6436: libvirtd daemon crash when reading memory tunables for LXC guest in shutoff status https://www.redhat.com/archives/libvir-list/2013-December/msg01170.html http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=f8c1cb90213508c4f32549023b0572ed774e48aa openSUSE-SU-2014:0010 http://lists.opensuse.org/opensuse-updates/2014-01/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2013-6456 56187 http://secunia.com/advisories/56187 56215 http://secunia.com/advisories/56215 65743 http://www.securityfocus.com/bid/65743 FEDORA-2014-2864 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129199.html http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=5fc590ad9f4 http://security.libvirt.org/2013/0018.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732394 https://bugzilla.redhat.com/show_bug.cgi?id=1045643 openSUSE-SU-2014:0593 http://lists.opensuse.org/opensuse-updates/2014-05/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2013-6457 [libvirt] 20131220 [PATCH] libxl: avoid crashing if calling `virsh numatune' on inactive domain https://www.redhat.com/archives/libvir-list/2013-December/msg01176.html [libvirt] 20131224 CVE-2013-6457 Re: [PATCH] libxl: avoid crashing if calling `virsh numatune' on inactive domain https://www.redhat.com/archives/libvir-list/2013-December/msg01258.html https://bugzilla.redhat.com/show_bug.cgi?id=1048629 openSUSE-SU-2014:0268 http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html Common Vulnerability Exposure (CVE) ID: CVE-2013-6458 56186 http://secunia.com/advisories/56186 56446 http://secunia.com/advisories/56446 DSA-2846 http://www.debian.org/security/2014/dsa-2846 RHSA-2014:0103 http://rhn.redhat.com/errata/RHSA-2014-0103.html https://bugzilla.redhat.com/show_bug.cgi?id=1043069 openSUSE-SU-2014:0270 http://lists.opensuse.org/opensuse-updates/2014-02/msg00062.html Common Vulnerability Exposure (CVE) ID: CVE-2013-7336 http://www.openwall.com/lists/oss-security/2014/03/18/1 http://www.openwall.com/lists/oss-security/2014/03/18/3 SuSE Security Announcement: openSUSE-SU-2014:0593 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2014-0028 [libvirt] 20140115 [PATCH 0/4] CVE-2014-0028: domain events vs. ACL filtering https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html https://bugzilla.redhat.com/show_bug.cgi?id=1048637 Common Vulnerability Exposure (CVE) ID: CVE-2014-0179 DSA-3038 http://www.debian.org/security/2014/dsa-3038 RHSA-2014:0560 http://rhn.redhat.com/errata/RHSA-2014-0560.html USN-2366-1 http://www.ubuntu.com/usn/USN-2366-1 http://security.libvirt.org/2014/0003.html openSUSE-SU-2014:0650 http://lists.opensuse.org/opensuse-updates/2014-05/msg00048.html openSUSE-SU-2014:0674 http://lists.opensuse.org/opensuse-updates/2014-05/msg00052.html Common Vulnerability Exposure (CVE) ID: CVE-2014-1447 Debian Security Information: DSA-2846 (Google Search) RedHat Security Advisories: RHSA-2014:0103 http://www.securitytracker.com/id/1029695 http://secunia.com/advisories/56321 SuSE Security Announcement: openSUSE-SU-2014:0268 (Google Search) SuSE Security Announcement: openSUSE-SU-2014:0270 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2014-3633 60291 http://secunia.com/advisories/60291 RHSA-2014:1352 http://rhn.redhat.com/errata/RHSA-2014-1352.html http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b http://security.libvirt.org/2014/0004.html openSUSE-SU-2014:1290 http://lists.opensuse.org/opensuse-updates/2014-10/msg00014.html openSUSE-SU-2014:1293 http://lists.opensuse.org/opensuse-updates/2014-10/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2014-5177 RedHat Security Advisories: RHSA-2014:0560 SuSE Security Announcement: openSUSE-SU-2014:0650 (Google Search) SuSE Security Announcement: openSUSE-SU-2014:0674 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2014-7823 60010 http://secunia.com/advisories/60010 62058 http://secunia.com/advisories/62058 62303 http://secunia.com/advisories/62303 USN-2404-1 http://www.ubuntu.com/usn/USN-2404-1 http://security.libvirt.org/2014/0007.html openSUSE-SU-2014:1471 http://lists.opensuse.org/opensuse-updates/2014-11/msg00083.html
Copyright	Copyright (C) 2015 Eero Volotinen

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.