[SECURITY] [DLA 4504-1] libvirt security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4504-1] libvirt security update
From: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date: Fri, 20 Mar 2026 20:28:33 +0530
Message-id: <[🔎] CAPP0f96Eb2uWsfjdn4-fS5AWqioZL73wSHpLdLjJ5mDCL-KLYQ@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-4504-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
March 20, 2026                              https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : libvirt
Version        : 7.0.0-3+deb11u4
Debian Bug     : 1124549

The latest update to src:linux for bullseye (via DLA 4404-1) caused a
regression for libvirt (debian bug #1124549). This is due to libvirt
passing a previously undefined flag to netlink that is now checked
and rejected. This was fixed in libvirt 7.1.0 (upstream commit
81334002340b) so is not present in later Debian releases.

For Debian 11 bullseye, this problem has been fixed in version
7.0.0-3+deb11u4.

We recommend that you upgrade your libvirt packages.

For the detailed security status of libvirt please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libvirt

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmm9YGUACgkQgj6WdgbD
S5ZidBAAu+ZZyMYt/D4EUX4X+7aJKBIvQUg38X8pUQCUs20PGCWc2LmhhUA22FEj
oPTUI1qX1h/O+/LMaWwZSEssEBfiaFd4E1EU5ttmA5/IjWENCQ7ZuPQV8hLaG5L4
Vt7Drxd1HzL0vCVc3dgJ1szUWuMJl4Z+svCaKpAUvKWipGC5aQM4DnArfpnxACob
2vAPK/7ykDONQnGMsbgTy+MuUV5gx0+fkJX/QJe6jEnQpY2qiYHOIA2Xhl4x5hYO
SuAb9+GeYD7Y6wdZo9JJlNTdCiCca0feARBJjpC9yLzAX0BYcNKKZE9/+44GXylK
KL9hZ5RBiisjZc77E5WjQwckA19Ut61XY6MlwWUibqfdJxdclymRy6aGIXpvGbuc
F254WN41Prc3JCmHDHXjMLBRpQu6gBqErnZfv+mJHeM3NSVVP1S2oPHrM7nMn7b6
wRW1cOITih7xnfx5jkKjHNfjwZwDaM9O2KokJNhH1zqGRsPt64dg6TxxRyMn+YAe
RmW60RptdBQUQof3xRIHW53DuDgHpkfjqQC1bvsxK9krpoiinLzc+/XI5isFVhR7
6s0y9gizTH9R9JFv1OTOCYdeVSHCK7ESjTpggnR45rI6ybtEdHva9NywHFfZ2Gnb
evuhgqmevROG+gmNkUHsaYq3WRTAJxrzxnDXJ1MaULouqDuLL94=
=jKhz
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4503-1] evolution-data-server security update
Next by Date: [SECURITY] [DLA 4505-1] ruby-rack security update
Previous by thread: [SECURITY] [DLA 4503-1] evolution-data-server security update
Next by thread: [SECURITY] [DLA 4505-1] ruby-rack security update
Index(es):
- Date
- Thread