Re: [Libguestfs] [LIBNBD SECURITY PATCH 0/1] NBD Protocol Downgrade Attack in libnbd
On 9/16/19 2:06 PM, Eric Blake wrote:
We discovered a possible Downgrade Attack in libnbd.
Lifecycle
---------
Reported: 2019-09-14 Fixed: 2019-09-16 Published: 2019-09-16
There is no CVE number assigned for this issue yet, but the bug is
being categorized and processed by Red Hat's security team which may
result in a CVE being published later.
CVE-2019-14842 has now been assigned.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 488 bytes)