libvirt is a C API for managing and interacting with the virtualizationcapabilities of Linux and other operating systems. libvirt also providestools for remotely managing virtualized systems.The libvirtd daemon was discovered to not properly check user connectionpermissions before performing certain privileged actions, such asrequesting migration of an unprivileged guest domain to another system. Alocal user able to establish a read-only connection to libvirtd could usethis flaw to perform actions that should be restricted to read-writeconnections. (CVE-2008-5086)libvirt_proxy, a setuid helper application allowing non-privileged users tocommunicate with the hypervisor, was discovered to not properly validateuser requests. Local users could use this flaw to cause a stack-basedbuffer overflow in libvirt_proxy, possibly allowing them to run arbitrarycode with root privileges. (CVE-2009-0036)All users are advised to upgrade to these updated packages, which containbackported patches which resolve these issues. After installing the update,libvirtd must be restarted manually (for example, by issuing a "servicelibvirtd restart" command), and guest systems rebooted, for this change totake effect.