Red Hat Security Advisory 2018-3113-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a code injection vulnerability.
cbe6a31ece3c0b11795802e815af1e5c9d758cb697b8f1f1a7dcc38fe59ed8be
Gentoo Linux Security Advisory 201804-7 - Multiple vulnerabilities have been discovered in libvirt, the worst of which may result in the execution of arbitrary commands. Versions less than 4.1.0 are affected.
cb3f93c9b3e0a479b010f996073edf699e0fa20b3ce9bb33683651094342f1ff
Debian Linux Security Advisory 4137-1 - Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library.
2e28cb54079712a1c15c0369a23af4ed15a476264ecf631fe44b7482bc005d57
Ubuntu Security Notice 3576-1 - Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Daniel P. Berrange discovered that libvirt incorrectly handled validating SSL/TLS certificates. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 17.10. Various other issues were also addressed.
90c6d4cdd362e55904c6d76f4118ef039e8e85b0aab04a6669ee178da97eb658