Nixpkgs security tracker

Permalink CVE-2013-4367

created 1 month, 3 weeks ago

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates …

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4367 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4367 x_transferredx_refsource_MISC

Affected products

ovirt-engine

==ovirt-engine 3.2 running on Linux kernel 3.1 and newer

Matching in nixpkgs

pkgs.rubyPackages.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_1.ovirt-engine-sdk

None

pkgs.rubyPackages_3_2.ovirt-engine-sdk

None

pkgs.rubyPackages_3_3.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_4.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_4_0.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

Permalink CVE-2015-1780

created 1 month, 3 weeks ago

oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain …

oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2015-1780 x_transferredx_refsource_MISC

Affected products

oVirt

==through 2015-03-06

Matching in nixpkgs

pkgs.libgovirt

GObject wrapper for the oVirt REST API

nixos-unstable 0.3.9
- nixpkgs-unstable 0.3.9
- nixos-unstable-small 0.3.9
nixos-25.11 0.3.9
- nixos-25.11-small 0.3.9
- nixpkgs-25.11-darwin 0.3.9

pkgs.stratovirt

Virtual Machine Manager from Huawei

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0
nixos-25.11 2.4.0
- nixos-25.11-small 2.4.0
- nixpkgs-25.11-darwin 2.4.0

pkgs.rubyPackages.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_1.ovirt-engine-sdk

None

pkgs.rubyPackages_3_2.ovirt-engine-sdk

None

pkgs.rubyPackages_3_3.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_3_4.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

pkgs.rubyPackages_4_0.ovirt-engine-sdk

None

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1
nixos-25.11 4.6.1
- nixos-25.11-small 4.6.1
- nixpkgs-25.11-darwin 4.6.1

Package maintainers

@amarshall Andrew Marshall <andrew@johnandrewmarshall.com>
@Atemu Atemu <nixpkgs@mail.atemu.net>
@astro Astro <astro@spaceboyz.net>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.rubyPackages.ovirt-engine-sdk

pkgs.rubyPackages_3_1.ovirt-engine-sdk

pkgs.rubyPackages_3_2.ovirt-engine-sdk

pkgs.rubyPackages_3_3.ovirt-engine-sdk

pkgs.rubyPackages_3_4.ovirt-engine-sdk

pkgs.rubyPackages_4_0.ovirt-engine-sdk

References

Affected products

Matching in nixpkgs

pkgs.libgovirt

pkgs.stratovirt

pkgs.rubyPackages.ovirt-engine-sdk

pkgs.rubyPackages_3_1.ovirt-engine-sdk

pkgs.rubyPackages_3_2.ovirt-engine-sdk

pkgs.rubyPackages_3_3.ovirt-engine-sdk

pkgs.rubyPackages_3_4.ovirt-engine-sdk

pkgs.rubyPackages_4_0.ovirt-engine-sdk

Package maintainers