Mandriva Linux Security Advisory : libvirt (MDVSA-2015:035)
Low Nessus Plugin ID 81235
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated libvirt packages fix security vulnerability :
The XML getters for for save images and snapshots objects don't check ACLs for the VIR_DOMAIN_XML_SECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw to cause leak certain limited information from the domain xml file (CVE-2015-0236).
SolutionUpdate the affected packages.