[Users] oVirt Engine 3.2 Async Update due to security issue
mburns at redhat.com
Thu Sep 12 12:27:13 EDT 2013
A new version of oVirt Engine 3.2 was released today to deal with
security bug 1007482 .
A reflected cross-site scripting (XSS) flaw was found in oVirt Engine An
attacker could construct a carefully-crafted URL, which once visited by
an unsuspecting user, could cause the user's web browser to execute
malicious script in the context the of oVirt Engine domain. (CVE-2013-4181)
This update only fixes this one bug.
The oVirt Team
More information about the Users