Overview

File _patchinfo of Package patchinfo.42084

<patchinfo incident="42084">
  <issue tracker="cve" id="2025-12748"/>
  <issue tracker="cve" id="2025-13193"/>
  <issue tracker="bnc" id="1251822">The supportconfig plugin of libvirt, qemu, and virt-manager needs porting to supportconfig.rc</issue>
  <issue tracker="bnc" id="1253703">VUL-0: CVE-2025-13193: libvirt: Information disclosure via world-readable VM snapshots</issue>
  <issue tracker="bnc" id="1253278">VUL-0: CVE-2025-12748: libvirt: Denial of service in XML parsing</issue>
  <packager>jfehlig</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libvirt</summary>
  <description>This update for libvirt fixes the following issues:

Security fixes:

  - CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots (bsc#1253703)
  - CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML (bsc#1253278)
  
Other fixes:

  - libvirt-supportconfig: Add support for supportconfig.rc (bsc#1251822)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places